Identifying Supervisory Control and Data Acquisition (SCADA) Devices and their Vulnerabilities on the Internet of Things (IoT): A Text Mining Approach

Sagar Samtani, Shuo Yu, Hongyi Zhu, Mark Patton, John Matherly, Hsinchun Chen

Research output: Contribution to journalArticle

5 Scopus citations


Critical infrastructure such as power plants play an integral role in society. Supervisory Control and Data Acquisition (SCADA) systems allow operators to control critical infrastructure. Vendors such as Rockwell Automation and Siemens integrate Internet technology into SCADA devices, allowing operators to remotely control devices. Unfortunately, this connectivity makes SCADA devices prone to cyber-attacks. Shodan, a search engine for the Internet of Things (IoT), contains over 600 million records about publicly available IoT devices, including SCADA. Identifying and assessing vulnerabilities of all SCADA devices in Shodan can mitigate cyber-attacks. However, processing Shodans textual content is a non-trivial task. This study aims to identify and assess the vulnerabilities of all SCADA systems in Shodan using text and data mining approaches in conjunction with state-of-the-art vulnerability assessments. Our approach identified over 550,000 SCADA systems in Shodan. Thousands of devices from major vendors contained critical vulnerabilities such as outdated software or default credential issues.

Original languageEnglish (US)
JournalIEEE Intelligent Systems
StateAccepted/In press - Jan 12 2018



  • Automation
  • Data mining
  • data mining
  • Nessus
  • Object recognition
  • Ports (Computers)
  • Protocols
  • SCADA systems
  • Shodan
  • text mining
  • Tools
  • vulnerability assessment

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Artificial Intelligence

Cite this