Scanning for Vulnerable Devices in the Internet of Things
Abstract
Many smart, resource-constrained, and seldom-updated devices in the Internet of Things present unanticipated vulnerabilities. The Internet Census 2012 scanned for such devices to construct its Carna Botnet, which then surveyed the entire IPv4 address space. This census provides an order of magnitude for the number of devices vulnerable to just one type of attack. Finally, three scans of different types demonstrate how to scan for vulnerable devices in the Internet of Things. The first uses Shodan to find vulnerable Cayman DSL routers; the second uses Masscan to find devices vulnerable to Heartbleed, and the third used Nmap and PFT to find and connect to vulnerable networked printers.
Recommended Citation
L. Markowsky and G. Markowsky, "Scanning for Vulnerable Devices in the Internet of Things," Proceedings of the IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS) (2015, Warsaw, Poland), vol. 1, pp. 463 - 467, Institute of Electrical and Electronics Engineers (IEEE), Sep 2015.
The definitive version is available at https://doi.org/10.1109/IDAACS.2015.7340779
Meeting Name
IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, IDAACS 2015 (2015: Sep. 24-26, Warsaw, Poland)
Department(s)
Computer Science
Keywords and Phrases
Data acquisition; Internet; Malware; Surveys; Address space; Cyber security; Masscan; Nmap; Shodan; Internet of things; cybersecurity; Internet Census 2012; IoT; PFT
International Standard Book Number (ISBN)
978-1467383615
Document Type
Article - Conference proceedings
Document Version
Citation
File Type
text
Language(s)
English
Rights
© 2015 Institute of Electrical and Electronics Engineers Inc., All rights reserved.
Publication Date
01 Sep 2015
