/scans.io

The data on the site is restricted to non-commercial use. A JSON interface is available. Contact support@esrg.stanford.edu with any questions.

Primary LanguageHTML
studies *
--- ---
uniqid toxicity-perspectives
name Designing Toxic Content Classification for a Diversity of Perspectives
status production
long_desc 107,620 social media comments labeled by five annotators each.
short_desc Despite many efforts to automatically identify toxic comments online (including sexual harassment, threats, and identity attacks), modern systems fail to generalize to the diverse concerns of Internet users. This dataset consists of 107,620 social media comments annotated by 17,280 unique participants, and was collected to understand how user expectations for what constitutes toxic content differ across demographics, beliefs, and personal experiences. The dataset is encrypted – please contact Deepak Kumar for the password.
organization
name Stanford University
website https://esrg.stanford.edu

| | contact |
name Deepak Kumar
email kumarde@cs.stanford.edu

| | authors | + Deepak Kumar + Patrick Gage Kelley + Sunny Consolvo + Joshua Mason + Elie Bursztein + Zakir Durumeric + Kurt Thomas + Michael Bailey | | study |
name Designing Toxic Content Classification for a Diversity of Perspectives
venue USENIX Symposium on Usable Privacy and Security (SOUPS) 2021
url Coming Soon.
bibtex

| | tags | + hate and harassment + toxic content detection | | files |

name fingerprint size updated-at
https://scans.io/data/toxicity\_perspectives/toxicity\_ratings.zip

| | scansio | False |

  • | | | | --- | --- | | uniqid | cloud_watching | | name | Cloud Watching: Understanding Attacks Against Cloud-Hosted Services | | status | production | | short_desc | Cloud computing has dramatically changed service deployment patterns. In this work, we analyze how attackers identify and target cloud services in contrast to traditional enterprise networks and network telescopes. Using a diverse set of cloud honeypots in 5providers and 23countries as well as 2educational networks and 1network telescope, we analyze how IP address assignment, geography, network, and service-port selection, influence what services are targeted in the cloud. We find that scanners that target cloud compute are selective: they avoid scanning networks without legitimate services and they discriminate between geographic regions. Further, attackers mine Internet-service search engines to find exploitable services and, in some cases, they avoid targeting IANA-assigned protocols, causing researchers to misclassify at least 15% of traffic on select ports. Based on our results, we derive recommendations for researchers and operators. | | long_desc | We provide the GreyNoise dataset used in our work, which spans 1 week in 2020 and 1 week in 2021. To request more recent GreyNoise data (which is still being collected), please reach out directly to GreyNoise at https://www.greynoise.io/contact/vip. To access the ORION network telescope dataset used in our paper, use the following link: https://www.merit.edu/initiatives/orion-network-telescope/. A COMUNDA dataset for the same ORION network telescope data can be found here, under the name orion_telescope-20200801: https://comunda.isi.edu/artifact/view/2353. The HoneyTrap data used in the work can be found here: . | | organization |
name Stanford University
website https://esrg.stanford.edu

| | contact |
name Liz Izhikevich
email lizhikev@stanford.edu

| | authors | + Liz Izhikevich + Manda Tran + Michalis Kallitsis + Aurore Fass + Zakir Durumeric | | study |
name Cloud Watching: Understanding Attacks Against Cloud-Hosted Services
venue Internet Measurement Conference 2023
url https://lizizhikevich.github.io/assets/papers/cloud\_watching.pdf
bibtex

| | tags | + scanning | | files |

name fingerprint size updated-at
https://scans.io/data/cloud\_watching/greynoise2021.zip
https://scans.io/data/cloud\_watching/greynoise2020.zip

|

  • | | | | --- | --- | | uniqid | lzr | | name | LZR: Identifying Unexpected Internet Services | | status | production | | short_desc | Internet-wide scanning is a commonly used research technique that has helped uncover real-world attacks, find cryptographic weaknesses, and understand both operator and miscreant behavior. Studies that employ scanning have largely assumed that services are hosted on their IANA-assigned ports, overlooking the study of services on unusual ports. In this work, we investigate where Internet services are deployed in practice and evaluate the security posture of services on unexpected ports. We show protocol deployment is more diffuse than previously believed and that protocols run on many additional ports beyond their primary IANA-assigned port. For example, only 3% of HTTP and 6% of TLS services run on ports 80 and 443, respectively. Services on non-standard ports are more likely to be insecure, which results in studies dramatically underestimating the security posture of Internet hosts. Building on our observations, we introduce LZR (Laser), a system that identifies 99% of identifiable unexpected services in five handshakes and dramatically reduces the time needed to perform application-layer scans on ports with few responsive expected services (e.g., 5500% speedup on 27017/MongoDB). We conclude with recommendations for future studies. | | long_desc | We provide the results of a single LZR scan across a random 0.1% sub-sample of IPv4 across all 65,535 ports in August 2020. The results are split across three files. To filter for real services, only include responses which send back data and do not RST (i.e., data is not null and RST = False). The exact scanning parameters used were: ./lzr -t 3 -handshakes tls,http. | | organization |
name Stanford University
website https://esrg.stanford.edu

| | contact |
name Liz Izhikevich
email lizhikev@stanford.edu

| | authors | + Liz Izhikevich + Renata Teixeria + Zakir Durumeric | | study |
name LZR: Identifying Unexpected Internet Services
venue USENIX Security Symposium 2021
url https://lizizhikevich.github.io/assets/papers/lzr.pdf
bibtex

| | tags | + scanning | | files |

name fingerprint size updated-at
https://scans.io/data/lzr/lzr1.json.gz
https://scans.io/data/lzr/lzr2.json.gz
https://scans.io/data/lzr/lzr3.json.gz

|

  • | | | | --- | --- | | uniqid | stanford-multiperspective | | name | On the Origin of Scanning: The Impact of Location on Internet-Wide Scans | | status | production | | short_desc | Fast IPv4 scanning has enabled researchers to answer a wealth of security and networking questions. Yet, despite widespread use, there has been little validation of the methodology’s accuracy, including whether a single scan provides sufficient coverage. In this paper, we analyze how scan origin affects the results of Internet-wide scans by completing three HTTP, HTTPS, and SSH scans from seven geographically and topologically diverse networks. We find that individual origins miss an average 1.6–8.4% of HTTP, 1.5–4.6% of HTTPS, and 8.3–18.2% of SSH hosts. We analyze why origins see different hosts, and show how permanent and temporary blocking, packet loss, geographic biases, and transient outages affect scan results. We discuss the implications for scanning and provide recommendations for future studies. | | long_desc | We provide access to the raw ZMap and ZGrab scans that are run from each network perspectives across three trials. | | organization |
name Stanford University
website http://esrg.stanford.edu

| | contact |
name Gerry Wan
email gerryw@stanford.edu

| | authors | + Gerry Wan + Liz Izhikevich + David Adrian + Katsunari Yoshioka + Ralph Holz + Christian Rossow + Zakir Durumeric | | study |
name On the Origin of Scanning: The Impact of Location on Internet-Wide Scans
venue ACM Internet Measurement Conference (IMC), October 2020
url https://zakird.com/papers/multiperspective.pdf
bibtex

| | tags | + scanning | | files |

name fingerprint size updated=at
https://scans.io/data/multiperspective/trial1\_dns\_australia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_dns\_brazil\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_dns\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_dns\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_dns\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_dns\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_dns\_stanford64\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_australia\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_australia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_brazil\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_brazil\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_censys\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_germany\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_japan\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_stanford1\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_stanford64\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_http\_stanford64\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_australia\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_australia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_brazil\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_brazil\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_censys\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_germany\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_japan\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_stanford1\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_stanford64\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_ssh\_stanford64\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_australia\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_australia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_brazil\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_brazil\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_censys\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_germany\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_japan\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_stanford1\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_stanford64\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial1\_tls\_stanford64\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_dns\_brazil\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_dns\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_dns\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_dns\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_dns\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_dns\_stanford64\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_australia\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_australia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_brazil\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_brazil\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_censys\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_germany\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_japan\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_stanford1\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_stanford64\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_http\_stanford64\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_australia\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_australia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_brazil\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_brazil\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_censys\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_germany\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_japan\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_stanford1\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_stanford64\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_ssh\_stanford64\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_australia\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_australia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_brazil\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_brazil\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_censys\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_germany\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_japan\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_stanford1\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_stanford64\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial2\_tls\_stanford64\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_dns\_australia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_dns\_brazil\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_dns\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_dns\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_dns\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_dns\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_dns\_stanford64\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_australia\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_australia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_brazil\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_brazil\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_censys\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_germany\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_japan\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_stanford1\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_stanford64\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_http\_stanford64\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_australia\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_australia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_brazil\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_brazil\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_censys\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_germany\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_japan\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_stanford1\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_stanford64\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_ssh\_stanford64\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_australia\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_australia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_brazil\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_brazil\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_censys\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_germany\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_japan\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_stanford1\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_stanford64\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial3\_tls\_stanford64\_zmap.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_australia\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_australia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_censys\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_germany\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_he\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_he\_zmap.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_japan\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_ntt\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_ntt\_zmap.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_stanford1\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_telia\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial4\_http\_telia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_australia\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_australia\_zmap.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_censys\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_censys\_zmap.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_germany\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_germany\_zmap.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_he\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_he\_zmap.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_japan\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_japan\_zmap.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_ntt\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_ntt\_zmap.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_stanford1\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_stanford1\_zmap.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_telia\_zgrab.json.lz4
https://scans.io/data/multiperspective/trial5\_http\_telia\_zmap.json.lz4

| | created_at | | | updated_at | | |