JIPS (Çѱ¹Á¤º¸Ã³¸®ÇÐȸ)
Current Result Document :
| ÇѱÛÁ¦¸ñ(Korean Title) |
Service Identification of Internet-Connected Devices Based on Common Platform Enumeration |
| ¿µ¹®Á¦¸ñ(English Title) |
Service Identification of Internet-Connected Devices Based on Common Platform Enumeration |
| ÀúÀÚ(Author) |
Sarang Na
Taeeun Kim
Hwankuk Kim
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 14 NO. 03 PP. 0740 ~ 0750 (2018. 06) |
Çѱ۳»¿ë
(Korean Abstract) |
|
¿µ¹®³»¿ë
(English Abstract) |
There are a great number of Internet-connected devices and their information can be acquired through an Internet-wide scanning tool. By associating device information with publicly known security vulnerabilities, security experts are able to determine whether a particular device is vulnerable. Currently, the identification of the device information and its related vulnerabilities is manually carried out. It is necessary to automate the process to identify a huge number of Internet-connected devices in order to analyze more than one hundred thousand security vulnerabilities. In this paper, we propose a method of automatically generating device information in the Common Platform Enumeration (CPE) format from banner text to discover potentially weak devices having the Common Vulnerabilities Exposures (CVE) vulnerability. We demonstrated that our proposed method can distinguish as much adequate CPE information as possible in the service banner.
|
| Å°¿öµå(Keyword) |
Common Platform Enumeration (CPE)
Common Vulnerabilities and Exposures (CVE)
OS Fingerprinting
Security Vulnerability Analysis
Service Identification
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
