A Study on the Service Identification of Internet-Connected Devices Using Common Platform Enumeration
暂无分享,去创建一个
Internet-connected device information can be acquired through the open ports of a network host. It is also possible to determine whether a particular host is vulnerable by associating publicly known vulnerabilities with this information. Currently, the analysis of the device information to identify the security vulnerability is carried out manually; therefore, automatic analysis technology is necessary in order to deal with a huge number of devices. In this paper, we propose a method that automatically generates the Common Platform Enumeration (CPE) of Internet-facing devices based on banner information to discover security vulnerability information such as Common Vulnerabilities Exposures (CVE).
[1] J. Alex Halderman,et al. A Search Engine Backed by Internet-Wide Scanning , 2015, CCS.
[2] Béla Genge,et al. ShoVAT: Shodan-based vulnerability assessment tool for Internet-facing services , 2016, Secur. Commun. Networks.