Jump to ContentJump to Main Navigation
Show Summary Details
More options …

MACRo 2015

Proceedings of the 5th International Conference on Recent Achievements in Mechatronics, Automation, Computer Sciences and Robotics

1 Issue per year

Open Access
See all formats and pricing
More options …

Non-Intrusive Historical Assessment of Internet-Facing Services in the Internet of Things

Béla Genge / Călin Enăchescu
Published Online: 2015-05-09 | DOI: https://doi.org/10.1515/macro-2015-0003


The expansion of Internet has led to a variety of directly accessible devices and services. Nowadays, companies tend to increase the number of Internetfacing services in order to ensure higher visibility, and accessibility towards end-users. Nonetheless, this profound expansion towards an “Internet of Things” brings new opportunities to malicious actors. As a result, novel cyber-physical attacks bring new challenges to systems administrators in order to accommodate traditional user requests with security prerequisites. Therefore, in this paper we propose a novel approach for historical Internet connectivity assessment of services. The technique uses the output of the popular Shodan search engine to infer the lifetime of different Internet-facing services. Experimental results conducted on IP address blocks attributed to six different institutions distributed across four sectors (university, telecommunications, banking, and power) show different possible service lifetime patterns.

Keywords : Cyber security; Internet of Things; passive assessment; active assessment; penetration testing


  • [1] Cisco, The Internet of Things, http://share.cisco.com/internet-of-things.html, accessed January 2015.Google Scholar

  • [2] Genge, B., and Siaterlis, C., “Analysis of the Effects of Distributed Denial-of-Service Attacks on MPLS Networks”, International Journal of Critical Infrastructure Protection, Elsevier, vol. 6, no. 2, pp. 87-95, 2013.Google Scholar

  • [3] Hagerott, M., “Stuxnet and the vital role of critical infrastructure operators and engineers”, International Journal of Critical Infrastructure Protection, vol. 7, no. 4, pp. 244 - 246, 2014.Google Scholar

  • [4] Symantec, “Dragonfly: Cyberespionage attacks against energy suppliers”, Symantec Security Response, 2014.Google Scholar

  • [5] Shodan - The Computer Search Engine, http://www.shodanhq.com, accessed January 2015.Google Scholar

  • [6] Bodenheim, R., Butts, J., Dunlap, S., and Mullins, B., “Evaluation of the ability of the Shodan search engine to identify Internet-facing industrial control devices”, International Journal of Critical Infrastructure Protection, vol. 7, no. 2, pp. 114-123, 2014.Web of ScienceGoogle Scholar

  • [7] Goldman, D., “Shodan: The scariest search engine on the Internet”, CNN Money, April 8, 2013, http://money.cnn.com/2013/04/08/technology/security/shodan/, accessed January 2014.Google Scholar

  • [8] Nmap, http://nmap.org/, accessed January 2015.Google Scholar

  • [9] Durumeric, Z., Wustrow, E., and Halderman, J., “ZMap: Fast Internet-wide scanning and its security applications”, in Proceedings of USENIX Security, pp. 605-620, 2013.Google Scholar

  • [10] Auffret, P., “SinFP, unification of active and passive operating system fingerprinting”, Journal in Computer Virology, vol. 6, no. 3, pp. 197-205, 2010.Google Scholar

  • [11] Manes, G.W., Schulte, D., Guenther, S., and Shenoi, S., “NetGlean: A Methodology for Distributed Network Security Scanning”, Journal of Network and Systems Management, vol. 13, no. 3, pp. 329-344, 2005.Google Scholar

  • [12] Matterly, J., “Shodan REST API Documentation”, https://developer.shodan.io/api, accessed January 2015. Google Scholar

About the article

Received: 2015-01-25

Revised: 2015-02-09

Published Online: 2015-05-09

Published in Print: 2015-03-01

Citation Information: MACRo 2015, Volume 1, Issue 1, Pages 25–36, ISSN (Online) 2247-0948, DOI: https://doi.org/10.1515/macro-2015-0003.

Export Citation

© 2015. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License. BY-NC-ND 3.0

Comments (0)

Please log in or register to comment.
Log in