The Internet of Things (IoT) is a concept that is getting a lot of attention. IoT devices are growing in popularity and so is the need to protect these devices from attacks and vulnerabilities. Future developers and users of IoT devices need to know what type of devices need extra care and which are more likely to be vulnerable. Therefore this study has researched the correlations between combinations of protocols and software vulnerabilities. Fifteen protocols used by common services over the internet were selected to base the study around. Then an artificial neural network was used to group the devices into 4 groups based on which of these fifteen protocols were running. Publicly disclosed vulnerabilities were then enumerated for all devices in each group. It was found that the percentage of vulnerable devices in each group differed meaning there is some correlation between running combinations of protocols and how likely a device is vulnerable. The severity of the vulnerabilities in the vulnerable devices were also analyzed but no correlation was found between the groups. / Sakernas internet eller Internet of things (IoT) är ett koncept som fått mycket uppmärksamhet. IoT enheter växer drastisk i popularitet, därför är det mer nödvändigt att skydda dessa enheter från attacker och säkerhetsbrister. Framtida utvecklare och användare av IoT system behöver då veta vilka enheter som är mer troliga att ha säkerhetsbrister. Denna studie har utforskat om det finns något samband mellan kombinationer av aktiva protokoll i enheter och säkerhetsbrister. Femton vanligt använda protokoll valdes som bas för studien, ett artificiellt neuralt nätverk användes sedan för att gruppera enheter baserat på dessa protokoll. Kända sårbarheter i enheterna räknades upp för varje grupp. En korrelation mellan kombinationer av protokoll och trolighet för sårbarheter hittades. Allvarlighetsgraden av säkerhetsbristerna i sårbara enheter analyserades också, men ingen korrelation hittades mellan grupperna.
Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:kth-302147 |
Date | January 2021 |
Creators | Sannervik, Filip, Magdum, Parth |
Publisher | KTH, Skolan för elektroteknik och datavetenskap (EECS) |
Source Sets | DiVA Archive at Upsalla University |
Language | English |
Detected Language | English |
Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
Format | application/pdf |
Rights | info:eu-repo/semantics/openAccess |
Relation | TRITA-EECS-EX ; 2021:433 |
Page generated in 0.0024 seconds