Saved in:
Bibliographic Details
Main Authors: Wu, Mengying, Hong, Geng, Chen, Jinsong, Liu, Qi, Tang, Shujun, Li, Youhao, Liu, Baojun, Duan, Haixin, Yang, Min
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2412.15696
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866910756104044544
author Wu, Mengying
Hong, Geng
Chen, Jinsong
Liu, Qi
Tang, Shujun
Li, Youhao
Liu, Baojun
Duan, Haixin
Yang, Min
author_facet Wu, Mengying
Hong, Geng
Chen, Jinsong
Liu, Qi
Tang, Shujun
Li, Youhao
Liu, Baojun
Duan, Haixin
Yang, Min
contents In the digital age, device search engines such as Censys and Shodan play crucial roles by scanning the internet to catalog online devices, aiding in the understanding and mitigation of network security risks. While previous research has used these tools to detect devices and assess vulnerabilities, there remains uncertainty regarding the assets they scan, the strategies they employ, and whether they adhere to ethical guidelines. This study presents the first comprehensive examination of these engines' operational and ethical dimensions. We developed a novel framework to trace the IP addresses utilized by these engines and collected 1,407 scanner IPs. By uncovering their IPs, we gain deep insights into the actions of device search engines for the first time and gain original findings. By employing 28 honeypots to monitor their scanning activities extensively in one year, we demonstrate that users can hardly evade scans by blocklisting scanner IPs or migrating service ports. Our findings reveal significant ethical concerns, including a lack of transparency, harmlessness, and anonymity. Notably, these engines often fail to provide transparency and do not allow users to opt out of scans. Further, the engines send malformed requests, attempt to access excessive details without authorization, and even publish personally identifiable information (PII) and screenshots on search results. These practices compromise user privacy and expose devices to further risks by potentially aiding malicious entities. This paper emphasizes the urgent need for stricter ethical standards and enhanced transparency in the operations of device search engines, offering crucial insights into safeguarding against invasive scanning practices and protecting digital infrastructures.
format Preprint
id arxiv_https___arxiv_org_abs_2412_15696
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Revealing the Black Box of Device Search Engine: Scanning Assets, Strategies, and Ethical Consideration
Wu, Mengying
Hong, Geng
Chen, Jinsong
Liu, Qi
Tang, Shujun
Li, Youhao
Liu, Baojun
Duan, Haixin
Yang, Min
Cryptography and Security
In the digital age, device search engines such as Censys and Shodan play crucial roles by scanning the internet to catalog online devices, aiding in the understanding and mitigation of network security risks. While previous research has used these tools to detect devices and assess vulnerabilities, there remains uncertainty regarding the assets they scan, the strategies they employ, and whether they adhere to ethical guidelines. This study presents the first comprehensive examination of these engines' operational and ethical dimensions. We developed a novel framework to trace the IP addresses utilized by these engines and collected 1,407 scanner IPs. By uncovering their IPs, we gain deep insights into the actions of device search engines for the first time and gain original findings. By employing 28 honeypots to monitor their scanning activities extensively in one year, we demonstrate that users can hardly evade scans by blocklisting scanner IPs or migrating service ports. Our findings reveal significant ethical concerns, including a lack of transparency, harmlessness, and anonymity. Notably, these engines often fail to provide transparency and do not allow users to opt out of scans. Further, the engines send malformed requests, attempt to access excessive details without authorization, and even publish personally identifiable information (PII) and screenshots on search results. These practices compromise user privacy and expose devices to further risks by potentially aiding malicious entities. This paper emphasizes the urgent need for stricter ethical standards and enhanced transparency in the operations of device search engines, offering crucial insights into safeguarding against invasive scanning practices and protecting digital infrastructures.
title Revealing the Black Box of Device Search Engine: Scanning Assets, Strategies, and Ethical Consideration
topic Cryptography and Security
url https://arxiv.org/abs/2412.15696