Evaluation of the ability of the Shodan search engine to identify Internet-facing industrial control devices

Bodenheim, Roland C; Butts, Jonathan; Dunlap, Stephen; Mullins, Barry E.

doi:10.1016/j.ijcip.2014.03.001

Cited by 127 publications

(82 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…A performance of about 55 million TPM was measured for an average of 1 h and 9 min for 3.702 billion accessible IP addresses. This can be interpreted as a performance similar to the "one-probe" condition announced in ZMap as in Table 4 shown (Apoorva et al 2017;Bodenheim et al 2014;Vijayarajan et al 2016).…”

Section: Performance Of Collecting Device Informationmentioning

confidence: 63%

“…The engine can also search for the existence of vulnerabilities such as Heartbleed and Poodle by collecting information about whether or not to use SSL cryptographic algorithm as well as the version information. Meanwhile, Durumeric developed Censys, a search engine that can quickly scan devices connected to the Internet (Bodenheim et al 2014). Censys was developed based on ZMap and ZGrab, which are open source.…”

Section: Scan Technology For Internet Devicesmentioning

confidence: 99%

See 1 more Smart Citation

Management platform of threats information in IoT environment

Kim

2017

J Ambient Intell Human Comput

View full text Add to dashboard Cite

Section: Performance Of Collecting Device Informationmentioning

confidence: 63%

Section: Scan Technology For Internet Devicesmentioning

confidence: 99%

Management platform of threats information in IoT environment

Kim

2017

J Ambient Intell Human Comput

View full text Add to dashboard Cite

“…The existing literature highlights that IP scanners are being used to gain information about SCADA systems [9], the types of devices that are potentially vulnerable when scanned [10], and the consequences of performing scans on live systems [7].…”

Section: Introductionmentioning

confidence: 99%

Vulnerability Analysis of Network Scanning on SCADA Systems

Coffey

Smith

Μαγλαράς

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICSs) have controlled the regulation and management of Critical National Infrastructure environments for decades. With the demand for remote facilities to be controlled and monitored, industries have continued to adopt Internet technology into their ICS and SCADA systems so that their enterprise can span across international borders in order to meet the demand of modern living. Although this is a necessity, it could prove to be potentially dangerous. The devices that make up ICS and SCADA systems have bespoke purposes and are often inherently vulnerable and difficult to merge with newer technologies. The focus of this article is to explore, test, and critically analyse the use of network scanning tools against bespoke SCADA equipment in order to identify the issues with conducting asset discovery or service detection on SCADA systems with the same tools used on conventional IP networks. The observations and results of the experiments conducted are helpful in evaluating their feasibility and whether they have a negative impact on how they operate. This in turn helps deduce whether network scanners open a new set of vulnerabilities unique to SCADA systems.

show abstract

“…In order to scan the industrial control system exposed to the global public network quickly and accurate, discovering and managing industrial control system to identify the scope of impact of vulnerability accurately when the vulnerability break out [4,5,6]. We proposed an industrial control network scanning tools based on stateless connection: ICSMap.…”

Section: Introductionmentioning

confidence: 99%

ICSMap: An ICS Scanning Tool Based on Stateless Connections

Chen¹,

Zhang²,

Tu³

2017

dtcse

View full text Add to dashboard Cite

The security of the industrial control system is related to the safety and stability of the national energy and basic industrial facilities, it has gradually become a serious challenge for enterprises and national security. This paper proposes an industrial control network scanning tools based on stateless connection: ICSMap. This tool can scan the global exposure to the public network of industrial equipment very fastly, and get their manufacturers, models and other related information. Experiments show that ICSMap can be used for Modbus, DNP3, S7, BACnet and other protocols of industrial control equipment, and its scanning speed greatly faster than the Nmap.

show abstract

Evaluation of the ability of the Shodan search engine to identify Internet-facing industrial control devices

Cited by 127 publications

References 0 publications

Management platform of threats information in IoT environment

Management platform of threats information in IoT environment

Vulnerability Analysis of Network Scanning on SCADA Systems

ICSMap: An ICS Scanning Tool Based on Stateless Connections

Contact Info

Product

Resources

About