Nowadays, the increasing number of devices and services that require a direct Internet access, creates new security challenges. These challenges need to meet user feature-based requirements with the companies' restrictive security policies. Therefore, security administrators need to adopt novel tools in order to quickly and non-intrusively verify the degree of exposure of Internet-facing services. In this respect, we find tools such as Shodan and ZMap which enable scanning of services at an Internet-scale. This paper presents a methodology that expands the feature delivered by such tools with automated vulnerability assessment capabilities. The proposed methodology builds on the results returned by Shodan, which are analyzed in order to automatically identify known vulnerabilities from National Vulnerability Database. Experiments conducted on five university-type institutions revealed the effectiveness of the proposed approach and the high degree of service exposure which may require immediate, yet simple service sanitizing security measures.
Primary Language | English |
---|---|
Journal Section | Articles |
Authors | |
Publication Date | September 29, 2015 |
Submission Date | January 30, 2016 |
Published in Issue | Year 2015 Volume: 4 Issue: 3 |