Service Identification of Internet-Connected Devices Based on Common Platform Enumeration


Sarang Na, Taeeun Kim, Hwankuk Kim, Journal of Information Processing Systems Vol. 14, No. 3, pp. 740-750, Jun. 2018

10.3745/JIPS.03.0098
Keywords: Common Platform Enumeration (CPE), Common Vulnerabilities and Exposures (CVE), OS Fingerprinting, Security Vulnerability Analysis, Service Identification
Fulltext:

Abstract

There are a great number of Internet-connected devices and their information can be acquired through an Internet-wide scanning tool. By associating device information with publicly known security vulnerabilities, security experts are able to determine whether a particular device is vulnerable. Currently, the identification of the device information and its related vulnerabilities is manually carried out. It is necessary to automate the process to identify a huge number of Internet-connected devices in order to analyze more than one hundred thousand security vulnerabilities. In this paper, we propose a method of automatically generating device information in the Common Platform Enumeration (CPE) format from banner text to discover potentially weak devices having the Common Vulnerabilities Exposures (CVE) vulnerability. We demonstrated that our proposed method can distinguish as much adequate CPE information as possible in the service banner.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from November 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.




Cite this article
[APA Style]
Sarang Na, Taeeun Kim, & Hwankuk Kim (2018). Service Identification of Internet-Connected Devices Based on Common Platform Enumeration. Journal of Information Processing Systems, 14(3), 740-750. DOI: 10.3745/JIPS.03.0098.

[IEEE Style]
S. Na, T. Kim and H. Kim, "Service Identification of Internet-Connected Devices Based on Common Platform Enumeration," Journal of Information Processing Systems, vol. 14, no. 3, pp. 740-750, 2018. DOI: 10.3745/JIPS.03.0098.

[ACM Style]
Sarang Na, Taeeun Kim, and Hwankuk Kim. 2018. Service Identification of Internet-Connected Devices Based on Common Platform Enumeration. Journal of Information Processing Systems, 14, 3, (2018), 740-750. DOI: 10.3745/JIPS.03.0098.