An Intelligent Improvement of Internet-Wide Scan Engine for Fast Discovery of Vulnerable IoT Devices

Kim, Hwankuk; Kim, Tae‐Eun; Jang, Dae-il

doi:10.3390/sym10050151

Cited by 19 publications

(14 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several research efforts have been made to develop Internet Wide Scan technologies to search for vulnerable IoT devices. Kim et al [15] proposed a model to improve the performance of the Internet Wide Scanner Zmap [16].…”

Section: Detecting Iot Devices' Vulnerabilitiesmentioning

confidence: 99%

SIEM-based detection and mitigation of IoT-botnet DDoS attacks

Al-Duwairi

Al-Kahla

AlRefai

et al. 2020

IJECE

View full text Add to dashboard Cite

The Internet of Things (IoT) is becoming an integral part of our daily life including health, environment, homes, military, etc. The enormous growth of IoT in recent years has attracted hackers to take advantage of their computation and communication capabilities to perform different types of attacks. The major concern is that IoT devices have several vulnerabilities that can be easily exploited to form IoT botnets consisting of millions of IoT devices and posing significant threats to Internet security. In this context, DDoS attacks originating from IoT botnets is a major problem in today’s Internet that requires immediate attention. In this paper, we propose a Security Information and Event Management-based IoT botnet DDoS attack detection and mitigation system. This system detects and blocks DDoS attack traffic from compromised IoT devices by monitoring specific packet types including TCP SYN, ICMP and DNS packets originating from these devices. We discuss a prototype implementation of the proposed system and we demonstrate that SIEM based solutions can be configured to accurately identify and block malicious traffic originating from compromised IoT devices.

show abstract

Section: Detecting Iot Devices' Vulnerabilitiesmentioning

confidence: 99%

SIEM-based detection and mitigation of IoT-botnet DDoS attacks

Al-Duwairi

Al-Kahla

AlRefai

et al. 2020

IJECE

View full text Add to dashboard Cite

show abstract

“…Among the studied literature, the main observed goal for performing vulnerability scanning is to investigate security and privacy issues with some works aiming to enforce security rules [21]. Secondary goals are related to developing security solutions for IoT and IIoT [3,9,10,17,21], certification of IoT and IIoT devices to improve their market value [17], while others aim to provide platform for threat information sharing in IoT [10]. From the studied scanning processes, we were able to identify an IoT vulnerability scanning space in which all the observed scanning processes reside.…”

Section: Scanning Goalsmentioning

confidence: 99%

“…produced by 14,3 thousand manufacturers [11]. Machine learning techniques have been applied to improve the identification of device types [11] and operating systems [9]. Communicating with these devices to scan them and identifying their associated vulnerabilities require varying levels of scrutiny, especially since most of them do not adhere to certain standards.…”

Section: Scanning Challengesmentioning

confidence: 99%

“…For instance, Al-Alami et al [1] scanned hosts on Shodan with default credentials based on the presence of FTP response code 230 which means successful login; Shodan suggests this after attempting to log in using a list of most common credentials. Knowing that Shodan scans the entire IPv4 at least once each month [9], the assumed vulnerability could have been resolved but still appears in the results, therefore should be validated using active scanning, bearing in mind the associated ethical considerations. Some processes utilize additional tools to validate the results of the scanning tools.…”

Section: Fig 4: Simplified Scanning Model Combining Active and Passimentioning

confidence: 99%

“…IoT Vulnerability Scanning space IPv4 addresses for the scanning process in an attempt to avoid the detection and scanning prevention by security solutions such as firewalls which can easily detect sequential IPv4 scanning[9].…”

mentioning

confidence: 99%

See 2 more Smart Citations

IoT Vulnerability Scanning: A State of the Art

Amro

2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Our modern life becomes more and more dependent on technology and services provided through an increasing number of deployed devices "Things" which are connected over networks that can sometimes be accessed remotely via the Internet. Although this Internet of Things (IoT) has led to innovations and improvements to our way of life, it has created many issues, especially related to cybersecurity. Ensuring the security of the IoT ecosystem can be achieved using pro-active security processes, including vulnerability scanning. In this paper, we capture the state of the art of the process that is IoT vulnerability scanning to determine its popularity and maturity. We have captured the different motivations for vulnerability scanning, the scanning space, process, and faced challenges. A Systematic Literature Review (SLR) has been conducted to achieve this goal, and the results are presented hereof. Moreover, we conducted a group of experiments to assess the status of IoT services and their associated vulnerabilities in the Nordic countries and found that additional work is needed to improve the security of the IoT ecosystem.

show abstract

A Large-Scale Security Analysis of Web Vulnerability: Findings, Challenges and Remedies

Cigoj¹,

Stepančič²,

Blažič³

2020

Computational Science and Its Applications – ICCSA 2020

View full text Add to dashboard Cite

This paper presents an analysis of the results obtained with an efficient and powerful tool developed to recognize the exploitable vulnerabilities of websites on the internet implemented with a web-content management system (WCMS). The key feature of this ethical tool is a dynamic, automated, and fast vulnerability scan of WCMS sites and the attached plug-ins for the live internet by obeying ethical requests. The collected scan results are impressive, and the presented analysis of these results provides an insight into the internet web system’s health and the factors that influence the vulnerability levels of websites.

show abstract

An Intelligent Improvement of Internet-Wide Scan Engine for Fast Discovery of Vulnerable IoT Devices

Cited by 19 publications

References 16 publications

SIEM-based detection and mitigation of IoT-botnet DDoS attacks

SIEM-based detection and mitigation of IoT-botnet DDoS attacks

IoT Vulnerability Scanning: A State of the Art

A Large-Scale Security Analysis of Web Vulnerability: Findings, Challenges and Remedies

Contact Info

Product

Resources

About