Identifying SCADA systems and their vulnerabilities on the internet of things: A text-mining approach

Sagar Samtani, Shuo Yu, Hongyi Zhu, Mark Patton, John Matherly, Hsinchun Chen

Research output: Contribution to journalArticlepeer-review

31 Scopus citations

Abstract

Supervisory Control and Data Acquisition (SCADA) systems allow operators to control critical infrastructure. Vendors are increasingly integrating Internet technology into these devices, making them more susceptible to cyberattacks. Identifying and assessing vulnerabilities of SCADA devices using Shodan, a search engine that contains records about publicly available Internet-connected devices, can help mitigate cyberattacks. The authors present a principled approach to systematically identify all SCADA devices on Shodan and then assess the vulnerabilities of the devices with a state-of-the-art tool.

Original languageEnglish (US)
Pages (from-to)63-73
Number of pages11
JournalIEEE Intelligent Systems
Volume33
Issue number2
DOIs
StatePublished - Mar 1 2018

Keywords

  • Internet of Things
  • Nessus
  • SCADA
  • SCADA devices
  • Shodan
  • cyberattacks
  • cybersecurity
  • data mining
  • security
  • supervisory control and data acquisition
  • text mining
  • vulnerability assessment

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Artificial Intelligence

Fingerprint

Dive into the research topics of 'Identifying SCADA systems and their vulnerabilities on the internet of things: A text-mining approach'. Together they form a unique fingerprint.

Cite this