This page belongs to a research project conducted by the Electrical and Computer Engineering Department at the University of Michigan, using the ZMap network scanner to perform partial Internet scans. If you were redirected to this page from a machine probing your network, you may find information on our research below.

Why am I being probed?

The connections you are seeing are part of a research project which involves establishing connections to a randomly selected subset of the routed Internet address space, in order to collect information on the range of networked devices and their configurations, and study trends in the Internet ecosystem.

As part of this research, your IP address may receive a handful of packets per day on a selection of common ports. These consist of standard connection attempts followed by RFC-compliant protocol handshakes with responsive hosts. We never attempt to exploit security problems, guess passwords, or change device configurations. We only receive data that is publicly visible to anyone who connects to a particular address and port.

Why are we collecting this data?

The collected data helps us recognize different types of Internet-connected devices, including Internet of Things (IoT) devices, in order to give researchers more visibility into the public Internet. We also use this data to reveal the demographics of devices and device placement patterns on different networks, and gauge the public visibility of networks. We utilize the collected data to develop machine learning technologies for enabling automated decision making based on Internet addresses, as well as facilitating network and security analysis. Conducting these measurements on a continuous basis allows our project to maintain an up-to-date map of devices and their configuration, recognize new devices that show up on our scans, and study trends in technology deployment and security.

We publish our findings for use by researchers worldwide, excluding any identifiable information, and data that may be misused to compromise potentially vulnerable systems. Below are some of our previous publications which leverage Internet scan data:

• Characterizing the Internet Host Population Using Deep Learning: A Universal and Lightweight Numerical Embedding
• Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents

Can I opt out of these measurements?

This research helps the scientific community accurately study the Internet. The data is sometimes used to detect security problems and to inform operators of vulnerable systems so that they can be fixed. If you opt out of the research, you might not receive these important security notifications. However, if you wish to opt-out, you can configure your firewall to drop traffic from the subnet we use for the measurements: 141.213.13.192/28.

For further information, you may contact us at ece-scan-admin@umich.edu.