Datasets
Standard Dataset
Threatpost Attack Stories 2021 (TAS21)
- Citation Author(s):
- Submitted by:
- Megan Ryan
- Last updated:
- Tue, 03/01/2022 - 09:23
- DOI:
- 10.21227/05ax-p722
- Data Format:
- License:
- Categories:
- Keywords:
Abstract
This dataset was created by gathering "attack stories" related to IoT devices from the cybersecurity news site Threatpost. Because there aren't many databases of IoT vulnerabilities, we used Threatpost as an index to recent vulnerabilities, which we then researched using a variety of sources, like academic papers, blog posts, code repositories, CVE entries, government and vendor advisories, product release notes, and whitepapers. Specifically, we looked at articles between January 2020 and June 2021 that were categorized as IoT and/or Vulnerabilities and sorted out which ones were related to vulnerabilities on IoT devices. The data includes such attributes as devices affected, location of the vulnerability within the device, disclosure timeline dates, CVEs, and CWEs. The purpose of the dataset is to provide a basis for understanding recent IoT vulnerabilities and their causes.
Usage
This dataset can be imported and analyzed using a scripting language (like python or PowerShell), or using any tool that deals with JSON-formatted data.
Data organization
- attack_stories:
[ (array of attack stories) - name: string
- Threatpost_date: string (M/D/YYYY)
- attacker_goals: [ strings ]
- IoT_category: [ strings ]
- targets: [ strings ]
- vulnerabilities:
[ (array of vulnerabilities) - devices: [ strings ]
- location: string
- CVE: string
- CWEs: [ strings ]
- OWASP_IoT: string
- CVSS_base: string
- CVSS_vector: string
- CVSS_version: string
- CVSS_severity: string
- CVSS_source: string
- source_code: string
- discovery_date: string (M/D/YYYY)
- vendor_disclosure_date: string (M/D/YYYY)
- fix_release_date: [ strings (M/D/YYYY) ]
- public_disclosure_date: string (M/D/YYYY)
- ]
- ]
Comments
.