{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,10]],"date-time":"2025-09-10T21:46:33Z","timestamp":1757540793476,"version":"3.37.3"},"reference-count":32,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2021,4,7]],"date-time":"2021-04-07T00:00:00Z","timestamp":1617753600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2021,4,7]],"date-time":"2021-04-07T00:00:00Z","timestamp":1617753600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100004750","name":"Aeronautical Science Foundation of China","doi-asserted-by":"publisher","award":["20165515001"],"award-info":[{"award-number":["20165515001"]}],"id":[{"id":"10.13039\/501100004750","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61402225"],"award-info":[{"award-number":["61402225"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"State Key Laboratory for smart grid protection and operation control Foundation"},{"name":"Technology Funds from National State Grid Ltd."},{"name":"CyberSec4Europe","award":["H2020-SUICT-03-2018"],"award-info":[{"award-number":["H2020-SUICT-03-2018"]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Wireless Com Network"],"published-print":{"date-parts":[[2021,12]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>The security of wireless routers receives much attention given by the increasing security threats. In the era of Internet of Things, many devices pose security vulnerabilities, and there is a significant need to analyze the current security status of devices. In this paper, we develop WNV-Detector, a universal and scalable framework for detecting wireless network vulnerabilities. Based on semantic analysis and named entities recognition, we design rules for automatic device identification of wireless access points and routers. The rules are automatically generated based on the information extracted from the admin webpages, and can be updated with a semi-automated method. To detect the security status of devices, WNV-Detector aims to extract the critical identity information and retrieve known vulnerabilities. In the evaluation, we collect information through web crawlers and build a comprehensive vulnerability database. We also build a prototype system based on WNV-Detector and evaluate it with routers from various vendors on the market. Our results indicate that the effectiveness of our WNV-Detector, i.e., the success rate of vulnerability detection could achieve 95.5%.<\/jats:p>","DOI":"10.1186\/s13638-021-01978-4","type":"journal-article","created":{"date-parts":[[2021,4,7]],"date-time":"2021-04-07T17:03:59Z","timestamp":1617815039000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["WNV-Detector: automated and scalable detection of wireless network vulnerabilities"],"prefix":"10.1186","volume":"2021","author":[{"given":"Yanxi","family":"Huang","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3038-6840","authenticated-orcid":false,"given":"Fangzhou","family":"Zhu","sequence":"additional","affiliation":[]},{"given":"Liang","family":"Liu","sequence":"additional","affiliation":[]},{"given":"Wezhi","family":"Meng","sequence":"additional","affiliation":[]},{"given":"Simin","family":"Hu","sequence":"additional","affiliation":[]},{"given":"Renjun","family":"Ye","sequence":"additional","affiliation":[]},{"given":"Ting","family":"Lv","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,4,7]]},"reference":[{"issue":"8","key":"1978_CR1","doi-asserted-by":"publisher","first-page":"5379","DOI":"10.1109\/TII.2019.2947435","volume":"16","author":"X Liu","year":"2019","unstructured":"X. Liu, X. Zhang, Noma-based resource allocation for cluster-based cognitive industrial internet of things. IEEE Trans. Ind. Inf. 16(8), 5379\u20135388 (2019)","journal-title":"IEEE Trans. Ind. Inf."},{"issue":"3","key":"1978_CR2","doi-asserted-by":"publisher","first-page":"2052","DOI":"10.1109\/TII.2019.2951728","volume":"17","author":"X Liu","year":"2019","unstructured":"X. Liu, X.B. Zhai, W. Lu, C. Wu, Qos-guarantee resource allocation for multibeam satellite industrial internet of things with noma. IEEE Trans. Ind. Inf. 17(3), 2052\u20132061 (2019)","journal-title":"IEEE Trans. Ind. Inf."},{"issue":"4","key":"1978_CR3","doi-asserted-by":"publisher","first-page":"5971","DOI":"10.1109\/JIOT.2018.2863267","volume":"6","author":"X Liu","year":"2018","unstructured":"X. Liu, X. Zhang, Rate and energy efficiency improvements for 5g-based iot with simultaneous transfer. IEEE Internet Things J. 6(4), 5971\u20135980 (2018)","journal-title":"IEEE Internet Things J."},{"key":"1978_CR4","unstructured":"M. Antonakakis, T. April, M. Bailey, M. Bernhard, E. Bursztein, J. Cochran, Z. Durumeric, J.A. Halderman, L. Invernizzi, M. Kallitsis, et al. Understanding the mirai botnet. In 26th USENIX Security Symposium, USENIX Security, pp. 1093\u20131110 (2017)"},{"key":"1978_CR5","unstructured":"A Vulnerability in Broadcom Wi-Fi Client Devices. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-15126"},{"key":"1978_CR6","doi-asserted-by":"crossref","unstructured":"M. Miettinen, S. Marchal, I. Hafeez, N. Asokan, A.-R. Sadeghi, S. Tarkoma. Iot sentinel: automated device-type identification for security enforcement in IoT. In 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp. 2177\u20132184 (2017). IEEE","DOI":"10.1109\/ICDCS.2017.283"},{"issue":"5","key":"1978_CR7","doi-asserted-by":"publisher","first-page":"519","DOI":"10.1109\/TDSC.2014.2369033","volume":"12","author":"SV Radhakrishnan","year":"2014","unstructured":"S.V. Radhakrishnan, A.S. Uluagac, R. Beyah, Gtid: a technique for physical deviceanddevice type fingerprinting. IEEE Trans. Depend. Secure Comput. 12(5), 519\u2013532 (2014)","journal-title":"IEEE Trans. Depend. Secure Comput."},{"key":"1978_CR8","unstructured":"X. Feng, Q. Li, H. Wang, L. Sun, Acquisitional rule-based engine for discovering internet-of-things devices. In 27th USENIX Security Symposium, USENIX Security), pp. 327\u2013341 (2018)"},{"key":"1978_CR9","doi-asserted-by":"crossref","unstructured":"T.D. Nguyen, S. Marchal, M. Miettinen, H. Fereidooni, N. Asokan, A. Sadeghi, D\u00efot: A federated self-learning anomaly detection system for IoT, pp. 756\u2013767 (2019)","DOI":"10.1109\/ICDCS.2019.00080"},{"key":"1978_CR10","doi-asserted-by":"crossref","unstructured":"L. Yu, T. Liu, Z. Zhou, Y. Zhu, Q. Liu, J. Tan, Wdmti: wireless device manufacturer and type identification using hierarchical dirichlet process. In 2018 IEEE 15th International Conference on Mobile Ad Hoc and Sensor Systems (MASS), pp. 19\u201327 (2018). IEEE","DOI":"10.1109\/MASS.2018.00015"},{"key":"1978_CR11","unstructured":"L. Yu, B. Luo, J. Ma, Z. Zhou, Q. Liu, You are what you broadcast: identification of mobile and IoT devices from (public) wifi. In 29th$$\\{$$USENIX$$\\}$$Security Symposium ($$\\{$$USENIX$$\\}$$Security 20), pp. 55\u201372 (2020)"},{"key":"1978_CR12","unstructured":"F. Zhu, L. Liu, W. Meng, T. Lv, S. Hu, R. Ye, Scaffisd: a scalable framework for fine-grained identification and security detection of wireless routers. In 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 1194\u20131199 (2020). IEEE"},{"key":"1978_CR13","unstructured":"Netcat, Network Debugging and Investigation Tool. https:\/\/nc110.sourceforge.io"},{"key":"1978_CR14","unstructured":"Nmap, the Network Mapper. https:\/\/nmap.org\/"},{"key":"1978_CR15","unstructured":"J. Matherly, Complete guide to shodan. Shodan, LLC (2016-02-25) 1 (2015)"},{"key":"1978_CR16","doi-asserted-by":"crossref","unstructured":"Z. Durumeric, D. Adrian, A. Mirian, M. Bailey, J.A. Halderman, A search engine backed by internet-wide scanning. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 542\u2013553 (2015)","DOI":"10.1145\/2810103.2813703"},{"issue":"1","key":"1978_CR17","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1109\/COMST.2015.2476338","volume":"18","author":"Q Xu","year":"2015","unstructured":"Q. Xu, R. Zheng, W. Saad, Z. Han, Device fingerprinting in wireless networks: challenges and opportunities. IEEE Commun. Surv. Tutor. 18(1), 94\u2013104 (2015)","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"1978_CR18","doi-asserted-by":"crossref","unstructured":"K. Gao, C. Corbett, R. Beyah, A passive approach to wireless device fingerprinting. In 2010 IEEE\/IFIP International Conference on Dependable Systems & Networks (DSN), pp. 383\u2013392 (2010). IEEE","DOI":"10.1109\/DSN.2010.5544294"},{"issue":"1","key":"1978_CR19","doi-asserted-by":"publisher","first-page":"65","DOI":"10.13052\/jcsm2245-1439.414","volume":"4","author":"M Abomhara","year":"2015","unstructured":"M. Abomhara et al., Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. J. Cyber Secur. Mob. 4(1), 65\u201388 (2015)","journal-title":"J. Cyber Secur. Mob."},{"key":"1978_CR20","doi-asserted-by":"crossref","unstructured":"M. Shahzad, M.Z. Shafiq, A.X. Liu, A large scale exploratory analysis of software vulnerability life cycles. In 2012 34th International Conference on Software Engineering (ICSE), pp. 771\u2013781 (2012). IEEE","DOI":"10.1109\/ICSE.2012.6227141"},{"key":"1978_CR21","unstructured":"R. Anderson, Security in open versus closed systems\u2014the dance of Boltzmann, Coase and Moore. Technical report, Cambridge University, England (2002)"},{"key":"1978_CR22","unstructured":"U.S. National Vulnerability Database. https:\/\/nvd.nist.gov\/"},{"key":"1978_CR23","unstructured":"Common Vulnerabilities and Exposures. http:\/\/cve.mitre.org\/"},{"key":"1978_CR24","unstructured":"X. Feng, X. Liao, X. Wang, H. Wang, Q. Li, K. Yang, H. Zhu, L. Sun, Understanding and securing device vulnerabilities through automated bug report analysis. In Proceedings of the 28th USENIX Security Symposium (2019)"},{"key":"1978_CR25","unstructured":"Search Results of Router Manger in Google Play. https:\/\/play.google.com\/store\/search?q=router"},{"key":"1978_CR26","unstructured":"T. Mikolov, K. Chen, G. Corrado, J. Dean, Efficient estimation of word representations in vector space. arXiv preprint arXiv:1301.3781 (2013)"},{"key":"1978_CR27","unstructured":"Beautiful Soup, a Python Package for Parsing Documents. https:\/\/www.crummy.com\/software\/BeautifulSoup\/"},{"key":"1978_CR28","doi-asserted-by":"crossref","unstructured":"S. Bird, Nltk: the natural language toolkit. In Proceedings of the COLING\/ACL 2006 Interactive Presentation Sessions, pp. 69\u201372 (2006)","DOI":"10.3115\/1225403.1225421"},{"key":"1978_CR29","unstructured":"Selenium, Web Browser Automation. https:\/\/www.selenium.dev\/"},{"key":"1978_CR30","unstructured":"Full Disclosure Mailing List. https:\/\/seclists.org\/fulldisclosure\/"},{"key":"1978_CR31","unstructured":"Router Manager Keeps Your Network Environment Secure. https:\/\/blog.360totalsecurity.com\/en\/router-manager-keeps-your-network-environment-secure\/"},{"key":"1978_CR32","unstructured":"Revolutionize Your Networking Experience. https:\/\/www.synology.cn\/en-global\/srm"}],"container-title":["EURASIP Journal on Wireless Communications and Networking"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13638-021-01978-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1186\/s13638-021-01978-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13638-021-01978-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,7]],"date-time":"2021-04-07T17:13:20Z","timestamp":1617815600000},"score":1,"resource":{"primary":{"URL":"https:\/\/jwcn-eurasipjournals.springeropen.com\/articles\/10.1186\/s13638-021-01978-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,4,7]]},"references-count":32,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2021,12]]}},"alternative-id":["1978"],"URL":"https:\/\/doi.org\/10.1186\/s13638-021-01978-4","relation":{},"ISSN":["1687-1499"],"issn-type":[{"type":"electronic","value":"1687-1499"}],"subject":[],"published":{"date-parts":[[2021,4,7]]},"assertion":[{"value":"8 February 2021","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"30 March 2021","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"7 April 2021","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"85"}}