Paper Info
Title
A Search Engine Backed by Internet-Wide Scanning
Abstract
Fast Internet-wide scanning has opened new avenues for security research, ranging from uncovering widespread vulnerabilities in random number generators to tracking the evolving impact of Heartbleed. However, this technique still requires significant effort: even simple questions, such as, \"What models of embedded devices prefer CBC ciphers?\", require developing an application scanner, manually identifying and tagging devices, negotiating with network administrators, and responding to abuse complaints. In this paper, we introduce Censys, a public search engine and data processing facility backed by data collected from ongoing Internet-wide scans. Designed to help researchers answer security-related questions, Censys supports full-text searches on protocol banners and querying a wide range of derived fields (e.g., 443.https.cipher). It can identify specific vulnerable devices and networks and generate statistical reports on broad usage patterns and trends. Censys returns these results in sub-second time, dramatically reducing the effort of understanding the hosts that comprise the Internet. We present the search engine architecture and experimentally evaluate its performance. We also explore Censys's applications and show how questions asked in recent studies become simple to answer.
Year
DOI
Venue
2015
10.1145/2810103.2813703
ACM Conference on Computer and Communications Security
Field
DocType
Citations 
Heartbleed,Cipher,Data processing,World Wide Web,Search engine,Computer science,Computer security,Search-oriented architecture,Random number generation,Vulnerability,The Internet
Conference
89
PageRank 
References 
Authors
3.44
18
5
Name
Order
Citations
PageRank
Zakir Durumeric193548.86
David Adrian222211.07
Ariana Mirian31217.26
Michael Bailey4133578.22
J. Alex Halderman52301149.67