Title:
Identifying
Devices Across the IPv4 Address Space
Speaker:
Ryan Jicha, MITRE
Date and Time:
April 11, 2017, 5:30 (pizza), 6:00-7:00 (seminar)
Location:
YR
459
Abstract
Many devices are internet-enabled in today's world. In the home, televisions,
cameras, washers and dryers, and even door locks are now connected to the
internet to be controlled by smart phones or otherwise remotely monitored. Of
particular importance are the large numbers of commercial Supervisory Control
and Data Acquisition (SCADA) devices controlling critical infrastructure such as
power, water, transportation systems, and gas lines. Ensuring the security of
these devices is key to their safety and correct operations.
Most devices are connected using Internet
Protocol version 4 (IPv4). IPv4 has nearly 4.3 billion unique IP addresses, and
each of these addresses can communicate with other machines over 65, 535 ports.
While IPv6 is becoming more common, IPv4 is widely utilized and being
supplemented but not replaced by IPv6. By scanning open ports on devices and
determining the services and service versions running, one can often identify a
given device, determine its operating system, and verify possible
vulnerabilities. Network scanning is a fundamental way of determining potential
vulnerabilities and is commonly used internally by organizations. However,
current methods have not allowed complete scans to be done across the entire
IPv4 range. The main motivation for this research is to create a way to scan and
identify devices in a reasonable amount of time across the entire IPv4 internet.