The Internet-Connected Device Vulnerability Information Management System in IoT Environment
AUTHORS
Kim Taeeun,Dept. of Computer Science, Soong-Sil University
Yong Hoon Jung,Dept. of Computer Science, Soong-Sil University1, BaaS LAB
Moon-Seog Jun,Dept. of Computer Science, Soong-Sil University1, BaaS LAB
ABSTRACT
Recently, the performance of wireless communication and small devices has greatly improved. As these technologies and environments change, there is a growing number of services that utilize various types of IoT devices. Devices such as small sensors and CCTVs that were used offline are being connected to the Internet. However, a large number of IoT devices use an open-source with no security function. In addition, network equipment such as switches and gateways, which have been used for a long time, is also used with many vulnerabilities because users do not have regular updates. Such weak devices are connected to the Internet and operating, making them vulnerable to malicious attackers. In this paper, we propose a system for collecting Internet-connected device information and identifying and managing vulnerability information by utilizing Internet-Wide Scan technology.
KEYWORDS
Vulnerability Information Management; Security Management; IoT Security
REFERENCES
[1] Business insider (2016) The Internet of Everything report. Available online: http://www.businessinsider.com/there-will-be-34-billion-iot-devices-installed-on-earth-by-2020-2016-5 (accessed on 10-09-2019)
[2] Cisco (2016) Cisco 2016 midyear cybersecyrity report of cisco. Available online: http://www.cisco.com/c/dam/m/en_ca/never-better/assets/files/midyearsecurity-report-2016.pdf (accessed on 10-09-2019)
[3] Q. Xu, R. Zheng, W. Saad, Z. Han, "Device Fingerprinting in Wireless Networks: Challenges and Opportunities". Proceedings of the IEEE Communications Surveys & Tutorials (2016), vol.18, no.1, pp.94-104
[4] Y-C. Chen, Y. Liao, M. Baldi, S-J. Lee, L. Qiu, "OS Fingerprinting and Thethering Detection in Mobile Networks", Proceedings of the 2014 Conference on Internet Measurement Conference(2014), pp.173-179
[5] Z. Shamsi, A. Nandwani, D. Leonard, D. Loguinov, "Hershel: Single-Packet OS Fingerprinting", Proceedings of the IEEE/ACM Transactions on Networking (2016), vol.24, pp.2196-2209 DOI: 10.1145/2591971.2591972(CrossRef)(Google Scholar)
[6] A. Costin, J. Zaddach, A. Francillon, D.Balzarotti, "A Large-Scale Analysis of the Security of Embedded Firmwares", Proceedings of the 23rd USENIX conference on Security Symposium (2014), pp.95-110
[7] G. Bartlett, J., Heidemann, C. Papadopoulos. Understanding passive and active service discovery. Proceedings of the 7th ACM SIGCOMM conference on Internet measurement(IMC) (2007), pages 57-70
[8] M. Li, H. Chen, X. Huang, L. Cui, "EasiCrawl: A Sleep-aware Schedule Method for Crawling IoT Sensors", Proceedings of the IEEE International Conference on Parallel and Distributed Systems (2015), pp.148-155
[9] K. Yinghui, S. Danfeng, "Research on collecting real-time information on dynamic web pages of Internet of Things", Proceedings of the International Conference on Computational and Information Sciences (2013), pp.563-566 DOI: 10.1109/ICCIS.2013.156(CrossRef)(Google Scholar)
[10] D. Leonard, D. Loguinov, "Demystifying Service Discovery: Implementing an Internet-Wide Scanner", Proceedings of the 10th ACM SIGCOMM conference on Internet measurement (2010), pp.109-122 DOI: 10.1145/1879141.1879156(CrossRef)(Google Scholar)
[11] S. Khattak, D. Fifield, S. Afroz, M. Javed, S. Sundaresan, V. Paxson, S.J. Murdoch, D. McCoy, "Do You See What I See? Differential Treatment of Anonymous Users", Proceedings of the 23rd Network and Distributed System Security Symposium (2016)
[12] G.C.M. Moura, C. Ganan, Q. Lone, P. Poursaied, H. Asghari, M. van Eeten, "How Dynamic is the ISPs Address Space? Towards Internet-Wide DHCP Churn Estimation", Proceedings of the IFIP Networking Conference (2015)
[13] R. Trapkickin, "Who is Scanning the Internet?", Proceedings of the Seminars Future Internet (FI) and Innovative Internet Technologies and Mobile Communications (IITM) (2015)
[14] D. Myers, E. Foo, K. Radke, "Internet-wide Scanning Taxonomy and Framework", Proceedings of the 13th Australasian Information Security Conference (2015)
[15] Anton V. Arzhakov and Irina F. Babalova, "Analysis of Current Internet Wide Scan Effectiveness", Proceedings of the IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (2017)(doi:10.1109/EIConRus.2017.7910503) DOI: 10.1109/EIConRus.2017.7910503(CrossRef)(Google Scholar)
[16] Anonymous.: Internet census 2012. Available online:http://census2012.sourceforge.net/paper.html (accessed on 10-09-2019)
[17] B. Genge, C. Enachescu, "ShoVAT: Shodan-based vulnerability assesment tool for Internet-facing services", Proceedings of the Security & Communication Networks (2015) DOI: 10.1002/sec.1262(CrossRef)(Google Scholar)
[18] Z. Durumeric, J. Kasten, D. Adrian, J.A. Halderman, M.Bailey, F. Li, N. Weaver, J. Amann, J. Beekman, M. Payer, V. Paxson, "The Matter of Heartbleed", Proceedings of the Conference on Internet Measurement Conference (2014) DOI: 10.1145/2663716.2663755(CrossRef)(Google Scholar)