• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

通过实际用例教授和学习物联网网络安全和漏洞评估以及 Shodan 的使用。

Teaching and Learning IoT Cybersecurity andVulnerability Assessment with Shodan through Practical Use Cases.

机构信息

Department of Computer Engineering, Faculty of Computer Science, Universidade da Coruña, 15071 A Coruña, Spain.

Centro de investigación CITIC, Universidade da Coruña, 15071 A Coruña, Spain.

出版信息

Sensors (Basel). 2020 May 27;20(11):3048. doi: 10.3390/s20113048.

DOI:10.3390/s20113048
PMID:32471252
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC7309102/
Abstract

Shodan is a search engine for exploring the Internet and thus finding connected devices. Its main use is to provide a tool for cybersecurity researchers and developers to detect vulnerable Internet-connected devices without scanning them directly. Due to its features, Shodan can be used for performing cybersecurity audits on Internet of Things (IoT) systems and devices used in applications that require to be connected to the Internet. The tool allows for detecting IoT device vulnerabilities that are related to two common cybersecurity problems in IoT: the implementation of weak security mechanisms and the lack of a proper security configuration. To tackle these issues, this article describes how Shodan can be used to perform audits and thus detect potential IoT-device vulnerabilities. For such a purpose, a use case-based methodology is proposed to teach students and users to carry out such audits and then make more secure the detected exploitable IoT devices. Moreover, this work details how to automate IoT-device vulnerability assessments through Shodan scripts. Thus, this article provides an introductory practical guide to IoT cybersecurity assessment and exploitation with Shodan.

摘要

Shodan 是一种用于探索互联网并因此找到连接设备的搜索引擎。它的主要用途是为网络安全研究人员和开发人员提供一种工具,用于在不直接扫描它们的情况下检测易受攻击的互联网连接设备。由于其功能,Shodan 可用于对物联网 (IoT) 系统和应用程序中需要连接到互联网的设备执行网络安全审核。该工具可用于检测与物联网中两个常见网络安全问题相关的 IoT 设备漏洞:安全机制实施薄弱和缺乏适当的安全配置。为了解决这些问题,本文描述了如何使用 Shodan 执行审核,从而检测潜在的 IoT 设备漏洞。为此,提出了一种基于用例的方法,以教导学生和用户执行此类审核,然后使检测到的可利用 IoT 设备更加安全。此外,本文详细介绍了如何通过 Shodan 脚本自动执行 IoT 设备漏洞评估。因此,本文提供了使用 Shodan 进行物联网网络安全评估和利用的入门实践指南。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/bc09052e6f15/sensors-20-03048-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/4630fa89e85f/sensors-20-03048-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/d8805d08fd21/sensors-20-03048-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/8c5d615fb66f/sensors-20-03048-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/bb9a43ac046a/sensors-20-03048-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/d507607f879d/sensors-20-03048-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/a6d1df1f478f/sensors-20-03048-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/ad83fcc4c3c1/sensors-20-03048-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/6268e069ced8/sensors-20-03048-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/2ac25071305f/sensors-20-03048-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/32deee5548f3/sensors-20-03048-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/bc09052e6f15/sensors-20-03048-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/4630fa89e85f/sensors-20-03048-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/d8805d08fd21/sensors-20-03048-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/8c5d615fb66f/sensors-20-03048-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/bb9a43ac046a/sensors-20-03048-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/d507607f879d/sensors-20-03048-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/a6d1df1f478f/sensors-20-03048-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/ad83fcc4c3c1/sensors-20-03048-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/6268e069ced8/sensors-20-03048-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/2ac25071305f/sensors-20-03048-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/32deee5548f3/sensors-20-03048-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/2246/7309102/bc09052e6f15/sensors-20-03048-g011.jpg

相似文献

1
Teaching and Learning IoT Cybersecurity andVulnerability Assessment with Shodan through Practical Use Cases.通过实际用例教授和学习物联网网络安全和漏洞评估以及 Shodan 的使用。
Sensors (Basel). 2020 May 27;20(11):3048. doi: 10.3390/s20113048.
2
Named-Entity-Recognition-Based Automated System for Diagnosing Cybersecurity Situations in IoT Networks.基于命名实体识别的物联网网络网络安全态势诊断自动化系统。
Sensors (Basel). 2019 Aug 1;19(15):3380. doi: 10.3390/s19153380.
3
An Ontology-Based Cybersecurity Framework for the Internet of Things.基于本体的物联网网络安全框架。
Sensors (Basel). 2018 Sep 12;18(9):3053. doi: 10.3390/s18093053.
4
Exploring IoT Vulnerabilities in a Comprehensive Remote Cybersecurity Laboratory.在综合性远程网络安全实验室中探索物联网漏洞。
Sensors (Basel). 2023 Nov 20;23(22):9279. doi: 10.3390/s23229279.
5
WYSIWYG: IoT Device Identification Based on WebUI Login Pages.所见即所得:基于WebUI登录页面的物联网设备识别
Sensors (Basel). 2022 Jun 29;22(13):4892. doi: 10.3390/s22134892.
6
Toward an Applied Cyber Security Solution in IoT-Based Smart Grids: An Intrusion Detection System Approach.迈向基于物联网的智能电网中的应用网络安全解决方案:入侵检测系统方法。
Sensors (Basel). 2019 Nov 14;19(22):4952. doi: 10.3390/s19224952.
7
Automatic Verification and Execution of Cyber Attack on IoT Devices.物联网设备网络攻击的自动验证与执行
Sensors (Basel). 2023 Jan 9;23(2):733. doi: 10.3390/s23020733.
8
Code Injection Attacks in Wireless-Based Internet of Things (IoT): A Comprehensive Review and Practical Implementations.基于无线的物联网(IoT)中的代码注入攻击:全面综述与实际实现
Sensors (Basel). 2023 Jun 30;23(13):6067. doi: 10.3390/s23136067.
9
A Critical Cybersecurity Analysis and Future Research Directions for the Internet of Things: A Comprehensive Review.物联网的关键网络安全分析与未来研究方向:全面综述。
Sensors (Basel). 2023 Apr 19;23(8):4117. doi: 10.3390/s23084117.
10
An Integral Pedagogical Strategy for Teaching and Learning IoT Cybersecurity.物联网网络安全教学的整体教学策略。
Sensors (Basel). 2020 Jul 17;20(14):3970. doi: 10.3390/s20143970.

引用本文的文献

1
A novel cyber threat intelligence platform for evaluating the risk associated with smart agriculture.一个用于评估与智慧农业相关风险的新型网络威胁情报平台。
Sci Rep. 2025 Jan 31;15(1):3904. doi: 10.1038/s41598-025-85320-8.
2
Practical Latency Analysis of a Bluetooth 5 Decentralized IoT Opportunistic Edge Computing System for Low-Cost SBCs.适用于低成本单板计算机的蓝牙5分散式物联网机会边缘计算系统的实际延迟分析
Sensors (Basel). 2022 Oct 31;22(21):8360. doi: 10.3390/s22218360.
3
The Design of Large Scale IP Address and Port Scanning Tool.大规模IP地址与端口扫描工具的设计

本文引用的文献

1
Enabling the Internet of Mobile Crowdsourcing Health Things: A Mobile Fog Computing, Blockchain and IoT Based Continuous Glucose Monitoring System for Diabetes Mellitus Research and Care.实现移动众包健康物联网:基于移动雾计算、区块链和物联网的用于糖尿病研究和护理的连续血糖监测系统。
Sensors (Basel). 2019 Jul 28;19(15):3319. doi: 10.3390/s19153319.
2
Design and Experimental Validation of a LoRaWAN Fog Computing Based Architecture for IoT Enabled Smart Campus Applications.用于支持物联网的智能校园应用的基于LoRaWAN雾计算架构的设计与实验验证。
Sensors (Basel). 2019 Jul 26;19(15):3287. doi: 10.3390/s19153287.
3
Clock Frequency Impact on the Performance of High-Security Cryptographic Cipher Suites for Energy-Efficient Resource-Constrained IoT Devices.
Sensors (Basel). 2020 Aug 8;20(16):4423. doi: 10.3390/s20164423.
时钟频率对节能资源受限物联网设备的高安全性密码套件性能的影响。
Sensors (Basel). 2018 Dec 20;19(1):15. doi: 10.3390/s19010015.
4
A Practical Evaluation on RSA and ECC-Based Cipher Suites for IoT High-Security Energy-Efficient Fog and Mist Computing Devices.基于 RSA 和 ECC 的密码套件在物联网高安全性节能雾和霾计算设备中的实用评估。
Sensors (Basel). 2018 Nov 10;18(11):3868. doi: 10.3390/s18113868.
5
A Cost-Effective IoT System for Monitoring Indoor Radon Gas Concentration.一种用于监测室内氡气浓度的具有成本效益的物联网系统。
Sensors (Basel). 2018 Jul 8;18(7):2198. doi: 10.3390/s18072198.