Threatpost Attack Stories 2021 (TAS21)

Citation Author(s):
Megan
Ryan
Iowa State University
Kristin
Rozier
Iowa State University
Submitted by:
Megan Ryan
Last updated:
Tue, 03/01/2022 - 09:23
DOI:
10.21227/05ax-p722
Data Format:
License:
0
0 ratings - Please login to submit your rating.

Abstract 

This dataset was created by gathering "attack stories" related to IoT devices from the cybersecurity news site Threatpost. Because there aren't many databases of IoT vulnerabilities, we used Threatpost as an index to recent vulnerabilities, which we then researched using a variety of sources, like academic papers, blog posts, code repositories, CVE entries, government and vendor advisories, product release notes, and whitepapers. Specifically, we looked at articles between January 2020 and June 2021 that were categorized as IoT and/or Vulnerabilities and sorted out which ones were related to vulnerabilities on IoT devices. The data includes such attributes as devices affected, location of the vulnerability within the device, disclosure timeline dates, CVEs, and CWEs. The purpose of the dataset is to provide a basis for understanding recent IoT vulnerabilities and their causes.

Instructions: 

Usage

This dataset can be imported and analyzed using a scripting language (like python or PowerShell), or using any tool that deals with JSON-formatted data.

Data organization

  • attack_stories:[ (array of attack stories)
    • name: string
    • Threatpost_date: string (M/D/YYYY)
    • attacker_goals: [ strings ]
    • IoT_category: [ strings ]
    • targets: [ strings ]
    • vulnerabilities:[ (array of vulnerabilities)
      • devices: [ strings ]
      • location: string
      • CVE: string
      • CWEs: [ strings ]
      • OWASP_IoT: string
      • CVSS_base: string
      • CVSS_vector: string
      • CVSS_version: string
      • CVSS_severity: string
      • CVSS_source: string
      • source_code: string
      • discovery_date: string (M/D/YYYY)
      • vendor_disclosure_date: string (M/D/YYYY)
      • fix_release_date: [ strings (M/D/YYYY) ]
      • public_disclosure_date: string (M/D/YYYY)
    • ]
  • ]
Funding Agency: 
NSF

Comments

.

Submitted by Saurabh Bhattacharya on Mon, 02/28/2022 - 05:36