Any Internet-connected device is vulnerable to being hacked and misused. Hackers can find vulnerable IoT devices, infect malicious codes, build massive IoT botnets, and remotely control IoT devices through C&C servers. Many studies have been attempted to apply various security features on IoT devices to prevent IoT devices from being exploited by attackers. However, unlike high-performance PCs, IoT devices are lightweight, low-power, and low-cost devices and have limitations on performance of processing and memory, making it difficult to install heavy security functions. Instead of access to applying security functions on IoT devices, Internet-wide scanning (e.g., Shodan) studies have been attempted to quickly discover and take security measures massive IoT devices with weak security. Over the Internet, scanning studies remotely also exist realistic limitations such as low accuracy in analyzing security vulnerabilities due to a lack of device information or filtered by network security devices. In this paper, we propose a system for remotely collecting information from Internet-connected devices and using scanning techniques to identify and manage vulnerability information from IoT devices. The proposed system improves the open-source Zmap engine to solve a realistic problem when attempting to scan through real Internet. As a result, performance measurements show equal or superior results compared to previous Shodan, Zmap-based scanning.

Along with the proliferation of IoT (Internet of Things) devices, cyberattacks towards them are on the rise. In this paper, aiming at efficient precaution and mitigation of emerging IoT cyberthreats, we present a multimodal study on applying machine learning methods to characterize malicious programs which target multiple IoT platforms. Experiments show that opcode sequences obtained from static analysis and API sequences obtained by dynamic analysis provide sufficient discriminant information such that IoT malware can be classified with near optimal accuracy. Automated and accelerated identification and mitigation of new IoT cyberthreats can be enabled based on the findings reported in this study.