Scanning for Vulnerable Devices in the Internet of Things
Many smart, resource-constrained, and seldom-updated devices in the Internet of Things present unanticipated vulnerabilities. The Internet Census 2012 scanned for such devices to construct its Carna Botnet, which then surveyed the entire IPv4 address space. This census provides an order of magnitude for the number of devices vulnerable to just one type of attack. Finally, three scans of different types demonstrate how to scan for vulnerable devices in the Internet of Things. The first uses Shodan to find vulnerable Cayman DSL routers; the second uses Masscan to find devices vulnerable to Heartbleed, and the third used Nmap and PFT to find and connect to vulnerable networked printers.
L. Markowsky and G. Markowsky, "Scanning for Vulnerable Devices in the Internet of Things," Proceedings of the IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS) (2015, Warsaw, Poland), vol. 1, pp. 463-467, Institute of Electrical and Electronics Engineers (IEEE), Sep 2015.
The definitive version is available at https://doi.org/10.1109/IDAACS.2015.7340779
IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, IDAACS 2015 (2015: Sep. 24-26, Warsaw, Poland)
Keywords and Phrases
Data acquisition; Internet; Malware; Surveys; Address space; Cyber security; Masscan; Nmap; Shodan; Internet of things; cybersecurity; Internet Census 2012; IoT; PFT
International Standard Book Number (ISBN)
Article - Conference proceedings
© 2015 Institute of Electrical and Electronics Engineers Inc., All rights reserved.