Title:  Identifying Devices Across the IPv4 Address Space

Speaker: Ryan Jicha, MITRE

Date and Time: April 11, 2017, 5:30 (pizza), 6:00-7:00 (seminar)

Location: YR 459

Abstract

Many devices are internet-enabled in today's world. In the home, televisions, cameras, washers and dryers, and even door locks are now connected to the internet to be controlled by smart phones or otherwise remotely monitored. Of particular importance are the large numbers of commercial Supervisory Control and Data Acquisition (SCADA) devices controlling critical infrastructure such as power, water, transportation systems, and gas lines. Ensuring the security of these devices is key to their safety and correct operations.  Most devices are connected using Internet Protocol version 4 (IPv4). IPv4 has nearly 4.3 billion unique IP addresses, and each of these addresses can communicate with other machines over 65, 535 ports. While IPv6 is becoming more common, IPv4 is widely utilized and being supplemented but not replaced by IPv6. By scanning open ports on devices and determining the services and service versions running, one can often identify a given device, determine its operating system, and verify possible vulnerabilities. Network scanning is a fundamental way of determining potential vulnerabilities and is commonly used internally by organizations. However, current methods have not allowed complete scans to be done across the entire IPv4 range. The main motivation for this research is to create a way to scan and identify devices in a reasonable amount of time across the entire IPv4 internet.