Abstract
The search engine Shodan crawls the Internet for, among other things, Industrial Control Systems (ICS). ICS are devices used to operate and automate industrial processes. Due to the increasing popularity of the Internet, these devices are getting more and more connected to the Internet. These devices will, if not hidden, be shown on Shodan. This study uses Shodan, together with data found by other researches to plot the trends of these ICS devices. The studied trends focus on the country percentage distribution and the usage of ICS protocols. The results show that all studied countries, except the United States, have decreased their percentage of world total ICS devices. We suspect that this does not represent the real story, as companies are getting better at hiding their devices from online crawlers. Our results also show that the usage of old ICS protocols is increasing. One of the explanations is that industrial devices, running old communication protocols, are increasingly getting connected to the Internet. In addition to the trend study, we evaluate Shodan by studying the time it takes for Shodan to index one of our devices on several networks. We also study ways of avoiding detection by Shodan and show that, by using a method called port knocking, it is relatively easy for a device to hide from Shodan, but remain accessible for legitimate users.
Highlights
Shodan is a search engine for devices connected to the Internet [1]
We study the trends of the number of Industrial Control Systems (ICS) devices and ICS protocols, both in Sweden and worldwide
According to Shodan, the number of ICS devices connected to the Internet have remained roughly the same for the last few years
Summary
Shodan is a search engine for devices connected to the Internet [1]. The consequences differ depending on what kind of device is subjected to a successful attack. If an ICS device is the subject of a successful attack, the consequences could be critical. A. SHODAN Shodan is a search engine that can be used to search for devices connected to the Internet [1]. SHODAN Shodan is a search engine that can be used to search for devices connected to the Internet [1] These devices can be anything from a router to an ICS. Shodan provides an option to apply a variety of filters to make searches more specific These filters include country, port, product, and category, among others. An example of a search query is port:502 country:‘‘se’’ category:ics, which will search for all ICS devices in Sweden using port number 502
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
