Browse > Article
http://dx.doi.org/10.5762/KAIS.2019.20.9.504

A Study on the Vulnerability Management of Internet Connection Devices based on Internet-Wide Scan  

Kim, Taeeun (Korea Internet & Security Agency)
Jung, Yong Hoon (Dept. of Computer Science, SoongSil University)
Jun, Moon-Seog (Dept. of Computer Science, SoongSil University)
Publication Information
Journal of the Korea Academia-Industrial cooperation Society / v.20, no.9, 2019 , pp. 504-509 More about this Journal
Abstract
Recently, both wireless communications technology and the performance of small devices have developed exponentially, while the number of services using various types of Internet of Things (IoT) devices has also massively increased in line with the ongoing technological and environmental changes. Furthermore, ever more devices that were previously used in the offline environment-including small-size sensors and CCTV-are being connected to the Internet due to the huge increase in IoT services. However, many IoT devices are not equipped with security functions, and use vulnerable open source software as it is. In addition, conventional network equipment, such as switches and gateways, operates with vulnerabilities, because users tend not to update the equipment on a regular basis. Recently, the simple vulnerability of IoT devices has been exploited through the distributed denial of service (DDoS) from attackers creating a large number of botnets. This paper proposes a system that is capable of identifying Internet-connected devices quickly, analyzing and managing the vulnerability of such devices using Internet-wide scan technology. In addition, the vulnerability analysis rate of the proposed technology was verified through collected banner information. In the future, the company plans to automate and upgrade the proposed system so that it can be used as a technology to prevent cyber attacks.
Keywords
Internet Wide Scan; Vulnerability Information Management; Device Management; Security Management; IoT Security;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Auffret P., "SinFP, unification of active and passive operating system fingerprinting", Journal in Computer Virology, Vol.6, No.3, pp.197-205, Aug. 2010. DOI: https://doi.org/10.1007/s11416-008-0107-z   DOI
2 Shamsi Z, Nandwani A, Leonard D, Loguinov D., "Hershel: single?packet OS fingerprinting.", SIGMETRICS '14 The 2014 ACM international conference on Measurement and modeling of computer systems, Vol.42, No.1, pp.195-206, June. 2014. DOI: https://dx.doi.org/10.1145/2591971.2591972   DOI
3 Z. Durumeric, E. Wustrow, J. A. Halderman, "ZMap : Fast Internet-Wide Scanning and its Security Applications", 22nd USENIX conference on Security, 2013.
4 Anton V. Arzhakov, Irina F. Babalova, "Analysis of Current Internet Wide Scan Effectiveness", Proceedings of 2017 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering, 2017. DOI: https://doi.org/10.1109/EIConRus.2017.7910503   DOI
5 B. Genge, C. Enachescu, "ShoVAT: Shodan-based vulnerability assesment tool for Internet-facing services", Security & Communication Networks, 2015. DOI: https://doi.org/10.1002/sec.1262   DOI
6 Ziegeldorf JH, Morchon OG, Wehrle K., "Privacy in the Internet of Things: threats and?challenges", Security and Communication Networks, Vol.7, No.12, pp.2728-2742, Jun. 2014. DOI: https://doi.org/10.1002/sec.795   DOI
7 "State of the IoT 2018: Number of IoT devices now at 7B", IoT Analytics. Available online: https://iot-analytics.com/state-of-the-iot-update-q1- q2-2018-number-of-iot-devices-now-7b/ (accessed August 15, 2019).