Sciweavers

ACSAC
2010
IEEE

A quantitative analysis of the insecurity of embedded network devices: results of a wide-area scan

13 years 3 months ago
A quantitative analysis of the insecurity of embedded network devices: results of a wide-area scan
We present a quantitative lower bound on the number of vulnerable embedded device on a global scale. Over the past year, we have systematically scanned large portions of the internet to monitor the presence of trivially vulnerable embedded devices. At the time of writing, we have identified over 540,000 publicly accessible embedded devices configured with factory default root passwords. This constitutes over 13% of all discovered embedded devices.These devices range from enterprise equipment such as firewalls and routers to consumer appliances such as VoIP adapters, cable and IPTV boxes to office equipment such as network printers and video conferencing units. Vulnerable devices were detected in 144 countries, across 17,427 unique private enterprise, ISP, government, educational, satellite provider as well as residential network environments. Preliminary results from our longitudinal study tracking over 102,000 vulnerable devices revealed that over 96% of such accessible devices re...
Ang Cui, Salvatore J. Stolfo
Added 23 Aug 2011
Updated 23 Aug 2011
Type Journal
Year 2010
Where ACSAC
Authors Ang Cui, Salvatore J. Stolfo
Comments (0)