Abstract Shodan has been acknowledged as one of the most popular search engines available today, designed to crawl Internet and index discovered services. This paper expands features exposed by with advanced vulnerability assessment capabilities embedded into a novel tool called Shodan‐based (ShoVAT). ShoVAT takes output traditional queries performs an in‐depth analysis service‐specific data, that is, service banners. It embodies specially crafted algorithms which rely on in‐memory data structures automatically reconstruct Common Platform Enumeration names proficiently extract vulnerabilities from National Vulnerability Database. Compared state art, brings several significant contributions because it encompasses automated identification techniques, can return highly accurate results customized even purposefully modified banners, supports historical without need deploy additional monitoring infrastructures. The experiments performed 1501 services in 12 different institutions across sectors revealed high accuracy total 3922 known vulnerabilities. Copyright © 2015 John Wiley & Sons, Ltd.

Load

Load