Research Output
Identifying Vulnerabilities Using Internet-wide Scanning Data
  Internet-wide scanning projects such as Shodan and Censys, scan the Internet and collect active reconnaissance results for online devices. Access to this information is provided through associated websites. The Internet-wide scanning data can be used to identify devices and services which are exposed on the Internet. It is possible to identify services as being susceptible to known- vulnerabilities by analysing the data. Analysing this information is classed as passive reconnaissance, as the target devices are not being directly communicated with. This paper goes on to define this as contactless active reconnaissance. The vulnerability identification functionality in these Internet-wide scanning tools is currently limited to a small number of high profile vulnerabilities. This work looks towards extending these features through the creation of a tool Scout which combines data from Censys and the National Vulnerability Database to passively identify potential vulnerabilities. This is possible by analysing Common Platform Enumerations and associated Common Vulnerability and Exposures. Through this novel approach, active vulnerability scanning results can be gained, while mitigating the associated issues of active scanning, such as possible disruption to the target network and devices. In initial experiments performed on 2571 services across 7 local academic intuitions, 12967 potential known-vulnerabilities were identified. More focused experiments to evaluate the results and compare accuracy with industry standard vulnerability assessment tools were carried out and Scout was found to successfully identify vulnerabilities with an effectiveness score of up to 74 percent when compared to OpenVAS.

  • Date:

    11 April 2019

  • Publication Status:


  • Publisher

    Institute of Electrical and Electronics Engineering

  • DOI:


  • Library of Congress:

    QA75 Electronic computers. Computer science

  • Dewey Decimal Classification:

    005.8 Data security

  • Funders:

    Edinburgh Napier Funded


O'Hare, J., Macfarlane, R., & Lo, O. (2019). Identifying Vulnerabilities Using Internet-wide Scanning Data. In 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3), (1-10).



Internet-wide, computer networks, security, scout, censys, vulnerability assessment.

Monthly Views:

Available Documents