首页> 外文OA文献 >A Quantitative Analysis of the Insecurity of Embedded Network Devices: Results of a Wide-Area Scan
【2h】

A Quantitative Analysis of the Insecurity of Embedded Network Devices: Results of a Wide-Area Scan

机译:嵌入式网络设备不安全性的定量分析:广域扫描的结果

代理获取
本网站仅为用户提供外文OA文献查询和代理获取服务,本网站没有原文。下单后我们将采用程序或人工为您竭诚获取高质量的原文,但由于OA文献来源多样且变更频繁,仍可能出现获取不到、文献不完整或与标题不符等情况,如果获取不到我们将提供退款服务。请知悉。

摘要

We present a quantitative lower bound on the number of vulnerable embedded device on a global scale. Over the past year, we have systematically scanned large portions of the internet to monitor the presence of trivially vulnerable embedded devices. At the time of writing, we have identified over 540,000 publicly accessible embedded devices configured with factory default root passwords. This constitutes over 13% of all discovered embedded devices. These devices range from enterprise equipment such as firewalls and routers to consumer appliances such as VoIP adapters, cable and IPTV boxes to office equipment such as network printers and video conferencing units. Vulnerable devices were detected in 144 countries, across 17,427 unique private enterprise, ISP, government, educational, satellite provider as well as residential network environments. Preliminary results from our longitudinal study tracking over 102,000 vulnerable devices revealed that over 96% of such accessible devices remain vulnerable after a 4-month period. We believe the data presented in this paper provides a conservative lower bound on the actual population of vulnerable devices in the wild. By combining the observed vulnerability distributions and its potential root causes, we propose a set of mitigation strategies and hypothesize about its quantitative impact on reducing the global vulnerable embedded device population. Employing our strategy, we have partnered with Team Cymru to engage key organizations capable of significantly reducing the number of trivially vulnerable embedded devices currently on the internet. As an ongoing longitudinal study, we plan to gather data continuously over the next year in order to quantify the effectiveness of community's cumulative effort to mitigate this pervasive threat.
机译:在全球范围内,我们给出了易受攻击的嵌入式设备数量的定量下限。在过去的一年中,我们已系统地扫描了互联网的大部分内容,以监视易受攻击的嵌入式设备的存在。在撰写本文时,我们已经识别出超过540,000种使用出厂默认根密码配置的可公开访问的嵌入式设备。这构成了所有发现的嵌入式设备的13%以上。这些设备的范围从防火墙和路由器等企业设备到VoIP适配器,电缆和IPTV盒等消费类设备,再到网络打印机和视频会议单元等办公设备。在144个国家/地区,17,427个独特的私营企业,ISP,政府,教育,卫星提供商以及住宅网络环境中检测到易受攻击的设备。我们的纵向研究跟踪了102,000多个易受攻击的设备的初步结果表明,在4个月后,超过96%的此类可访问设备仍然易受攻击。我们认为,本文提供的数据为野外易受攻击的设备的实际数量提供了一个保守的下限。通过结合观察到的漏洞分布及其潜在的根本原因,我们提出了一套缓解策略并假设了其对减少全球易受攻击的嵌入式设备数量的量化影响。利用我们的策略,我们与Team Cymru合作,与能够显着减少当前Internet上易受攻击的嵌入式设备数量的关键组织合作。作为一项正在进行的纵向研究,我们计划在下一年连续收集数据,以便量化社区为缓解这种普遍威胁所做的累积努力的有效性。

著录项

  • 作者

    Cui Ang; Stolfo Salvatore;

  • 作者单位
  • 年度 2010
  • 总页数
  • 原文格式 PDF
  • 正文语种 {"code":"en","name":"English","id":9}
  • 中图分类

相似文献

  • 外文文献
  • 中文文献
  • 专利

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号