23
views
0
recommends
+1 Recommend
0 collections
    0
    shares
      • Record: found
      • Abstract: found
      • Article: found
      Is Open Access

      Teaching and Learning IoT Cybersecurity and Vulnerability Assessment with Shodan through Practical Use Cases

      research-article

      Read this article at

      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          Shodan is a search engine for exploring the Internet and thus finding connected devices. Its main use is to provide a tool for cybersecurity researchers and developers to detect vulnerable Internet-connected devices without scanning them directly. Due to its features, Shodan can be used for performing cybersecurity audits on Internet of Things (IoT) systems and devices used in applications that require to be connected to the Internet. The tool allows for detecting IoT device vulnerabilities that are related to two common cybersecurity problems in IoT: the implementation of weak security mechanisms and the lack of a proper security configuration. To tackle these issues, this article describes how Shodan can be used to perform audits and thus detect potential IoT-device vulnerabilities. For such a purpose, a use case-based methodology is proposed to teach students and users to carry out such audits and then make more secure the detected exploitable IoT devices. Moreover, this work details how to automate IoT-device vulnerability assessments through Shodan scripts. Thus, this article provides an introductory practical guide to IoT cybersecurity assessment and exploitation with Shodan.

          Related collections

          Most cited references75

          • Record: found
          • Abstract: not found
          • Article: not found

          DDoS in the IoT: Mirai and Other Botnets

            Bookmark
            • Record: found
            • Abstract: not found
            • Article: not found

            Comparing the Effectiveness of an Inverted Classroom to a Traditional Classroom in an Upper-Division Engineering Course

              Bookmark
              • Record: found
              • Abstract: not found
              • Article: not found

              Internet-of-Things (IoT) based Smart Agriculture: Towards Making the Fields Talk

                Bookmark

                Author and article information

                Journal
                Sensors (Basel)
                Sensors (Basel)
                sensors
                Sensors (Basel, Switzerland)
                MDPI
                1424-8220
                27 May 2020
                June 2020
                : 20
                : 11
                : 3048
                Affiliations
                [1 ]Department of Computer Engineering, Faculty of Computer Science, Universidade da Coruña, 15071 A Coruña, Spain
                [2 ]Centro de investigación CITIC, Universidade da Coruña, 15071 A Coruña, Spain
                Author notes
                [* ]Correspondence: tiago.fernandez@ 123456udc.es (T.M.F.-C.); paula.fraga@ 123456udc.es (P.F.-L.); Tel.: +34-981-167-000 (ext. 6051) (P.F.-L.)
                Author information
                https://orcid.org/0000-0003-2179-5917
                https://orcid.org/0000-0002-4991-6808
                Article
                sensors-20-03048
                10.3390/s20113048
                7309102
                32471252
                1e4b9541-3b90-468c-b057-315877cdca9d
                © 2020 by the authors.

                Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license ( http://creativecommons.org/licenses/by/4.0/).

                History
                : 28 April 2020
                : 25 May 2020
                Categories
                Article

                Biomedical engineering
                iot,cybersecurity,shodan,teaching methodology,use case based learning,security audit,vulnerabilities,cyber-attacks,vulnerability assessment

                Comments

                Comment on this article