Coder Social home page Coder Social logo

port-forwarding-services's Introduction

Port Forwarding Services Are Forwarding Security Risks

This is the code for Port Forwarding Services Are Forwarding Security Risks.

Overview

Port Forwarding Services (PFSs) emerge in recent years and make the web services deployed in internal networks available on the Internet along with better usability but less complexity compared to traditional techniques (e.g., NAT traversal techniques). This study is the first comprehensive security study on representative PFSs.

The study is made possible through a set of novel methodologies, which are designed to uncover the technical mechanisms of PFS, experiment attack scenarios for PFS protocols, automatically discover and snapshot port-forwarded websites (PFWs) at scale, and classify PFWs into well-observed categories. This repo will release some source code.

Leveraging these methodologies, we have observed the widespread adoption of PFS with millions of PFWs distributed across tens of thousands of ISPs worldwide. Furthermore, 32.31% PFWs have been classified into website categories that serve access to critical data or infrastructure, such as, web consoles for industrial control systems, IoT controllers, code repositories, and office automation systems. And 18.57% PFWs didn't enforce any access control for external visitors. Also identified are two types of attacks inherent in the protocols of Oray (one well-adopted PFS provider), and the notable abuse of PFSes by malicious actors in activities such as malware distribution, botnet operation and phishing.

Datasets Release

Considering many PFWs are sensitive or vulnerable, we decide NOT to publicly release the list of PFW domain names or their snapshots. The PFW snapshots will be deleted once this study is finalized. If you need the PFW domain names or the PFS apex domains, you can request them by contacting corresponding author by email.

Code Release

You may need to read the README.md for dependencies and usage under the specific folder.

The collector-related code is at collector.

The classifier-related code is at classifier.

You can get resulting model from our Hugging Face repo.

Bibtex

@article{wang2024port,
      title={Port Forwarding Services Are Forwarding Security Risks}, 
      author={Haoyuan Wang and Yue Xue and Xuan Feng and Chao Zhou and Xianghang Mi},
      year={2024},
      eprint={2403.16060},
      archivePrefix={arXiv},
      primaryClass={cs.CR}
}

port-forwarding-services's People

Contributors

mirageturtle avatar mixianghang avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.