An exploration of the cybercrime ecosystem around Shodan
| Autor: | Ildiko Pete, Maria Bada |
|---|---|
| Rok vydání: | 2020 |
| Předmět: |
Network security
business.industry Computer science Internet privacy Botnet 020206 networking & telecommunications Denial-of-service attack 02 engineering and technology Cybercrime Work (electrical) 0202 electrical engineering electronic engineering information engineering 020201 artificial intelligence & image processing business Internet of Things Hacker |
| Zdroj: | IoTSMS |
| DOI: | 10.1109/iotsms52051.2020.9340224 |
| Popis: | Discussions on underground forums provide valuable insights to hackers' practices, interests and motivations. Although Internet of Things (IoT) vulnerabilities have been extensively explored, the question remains how members of hacker communities perceive the IoT landscape. In this work, we present an analysis of IoT related discussions that are potentially cybercriminal in nature. In particular, we analyse forum threads that discuss the search engine Shodan. The source of these posts is the CrimeBB dataset provided by the Cambridge Cybercrime Centre (CCC)1. We analyse 1051 thread discussions from 19 forums between 2009 and 2020. The overall aim of our work is to explore the main use cases of Shodan and highlight hackers' targets and motivations. We find that Shodan is versatile and is actively used by hackers as a tool for passive information gathering providing easier access to hackable targets. Our results suggest that Shodan plays a prominent role in various specific use cases including remote control of target devices, building botnets, Distributed Denial of Service attacks and identifying open databases. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|