ShoVAT: Shodan-based vulnerability assessment tool for Internet-facing services

Authors: Béla Genge, Călin Enăchescu

DOI: 10.1002/SEC.1262

Keywords: The Internet, Identification (information), Vulnerability, National Vulnerability Database, Computer science, Vulnerability assessment, Data structure, Service (systems architecture), World Wide Web, Index (publishing)

Abstract: Shodan has been acknowledged as one of the most popular search engines available today, designed to crawl the Internet and index discovered services. This paper expands the features exposed by Shodan with advanced vulnerability assessment capabilities embedded into a novel tool called the Shodan-based vulnerability assessment tool (ShoVAT). ShoVAT takes the output of traditional Shodan queries and performs an in-depth analysis of service-specific data, that is, service banners. It embodies specially crafted algorithms which rely on in-memory data structures to automatically reconstruct Common Platform Enumeration names and proficiently extract vulnerabilities from the National Vulnerability Database. Compared with the state of the art, ShoVAT brings several significant contributions because it encompasses automated identification techniques, can return highly accurate results with customized and even purposefully modified banners, and supports historical analysis without the need to deploy additional monitoring infrastructures. The experiments performed on 1501 services in 12 different institutions across sectors revealed high accuracy and a total of 3922 known vulnerabilities. Copyright © 2015 John Wiley & Sons, Ltd.
