Dario Ferrari, Michele Carminati, Mario Polino, S. Zanero
{"title":"NoSQL崩溃:对错误配置的NoSQL服务的大规模分析","authors":"Dario Ferrari, Michele Carminati, Mario Polino, S. Zanero","doi":"10.1145/3427228.3427260","DOIUrl":null,"url":null,"abstract":"In the last years, NoSQL databases have grown in popularity due to their easy-to-deploy, reliable, and scalable storage mechanism. While most NoSQL services offer access control mechanisms, their default configurations grant access without any form of authentication, resulting in misconfigurations that may expose data to the Internet, as demonstrated by the recent high-profile data leaks. In this paper, we investigate the usage of the most popular NoSQL databases, focusing on automatically analyzing and discovering misconfigurations that may lead to security and privacy issues. We developed a tool that automatically scans large IP subnets to detect the exposed services and performs security analyses without storing nor exposing sensitive data. We analyzed 67,725,641 IP addresses between October 2019 and March 2020, spread across several Cloud Service Providers (CSPs), and found 12,276 misconfigured databases. The risks associated with exposed services range from data leaking, which may pose a significant menace to users’ privacy, to data tampering of resources stored in the vulnerable databases, which may pose a relevant threat to a web service reputation. Regarding the last point, we found 742 potentially vulnerable websites linked to misconfigured instances with the write permission enabled to anonymous users.","PeriodicalId":175869,"journal":{"name":"Annual Computer Security Applications Conference","volume":"48 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"NoSQL Breakdown: A Large-scale Analysis of Misconfigured NoSQL Services\",\"authors\":\"Dario Ferrari, Michele Carminati, Mario Polino, S. Zanero\",\"doi\":\"10.1145/3427228.3427260\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the last years, NoSQL databases have grown in popularity due to their easy-to-deploy, reliable, and scalable storage mechanism. While most NoSQL services offer access control mechanisms, their default configurations grant access without any form of authentication, resulting in misconfigurations that may expose data to the Internet, as demonstrated by the recent high-profile data leaks. In this paper, we investigate the usage of the most popular NoSQL databases, focusing on automatically analyzing and discovering misconfigurations that may lead to security and privacy issues. We developed a tool that automatically scans large IP subnets to detect the exposed services and performs security analyses without storing nor exposing sensitive data. We analyzed 67,725,641 IP addresses between October 2019 and March 2020, spread across several Cloud Service Providers (CSPs), and found 12,276 misconfigured databases. The risks associated with exposed services range from data leaking, which may pose a significant menace to users’ privacy, to data tampering of resources stored in the vulnerable databases, which may pose a relevant threat to a web service reputation. Regarding the last point, we found 742 potentially vulnerable websites linked to misconfigured instances with the write permission enabled to anonymous users.\",\"PeriodicalId\":175869,\"journal\":{\"name\":\"Annual Computer Security Applications Conference\",\"volume\":\"48 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-12-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Annual Computer Security Applications Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3427228.3427260\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Annual Computer Security Applications Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3427228.3427260","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
NoSQL Breakdown: A Large-scale Analysis of Misconfigured NoSQL Services
In the last years, NoSQL databases have grown in popularity due to their easy-to-deploy, reliable, and scalable storage mechanism. While most NoSQL services offer access control mechanisms, their default configurations grant access without any form of authentication, resulting in misconfigurations that may expose data to the Internet, as demonstrated by the recent high-profile data leaks. In this paper, we investigate the usage of the most popular NoSQL databases, focusing on automatically analyzing and discovering misconfigurations that may lead to security and privacy issues. We developed a tool that automatically scans large IP subnets to detect the exposed services and performs security analyses without storing nor exposing sensitive data. We analyzed 67,725,641 IP addresses between October 2019 and March 2020, spread across several Cloud Service Providers (CSPs), and found 12,276 misconfigured databases. The risks associated with exposed services range from data leaking, which may pose a significant menace to users’ privacy, to data tampering of resources stored in the vulnerable databases, which may pose a relevant threat to a web service reputation. Regarding the last point, we found 742 potentially vulnerable websites linked to misconfigured instances with the write permission enabled to anonymous users.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
