From Disclosure to Exploitation
A Comprehensive Analysis of IoT Vulnerability Targeting and Attacker Decision-Making
Arwa Al Alsadi (TU Delft - Organisation & Governance)
C. Hernandez Ganan – Promotor (TU Delft - Organisation & Governance)
M.J.G. van Eeten – Promotor (TU Delft - Organisation & Governance)
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
The rapid growth of Internet-of-Things (IoT) devices, such as smart cameras, home routers, and smart thermostats, has transformed the digital landscape while also introducing new cybersecurity risks. IoT systems are often targeted by attackers due to outdated software, long device lifespans, and fragmented security practices. Although many IoT vulnerabilities are discovered and disclosed, only a small fraction are actually exploited in the wild. This raises important questions about which vulnerabilities are targeted, why attackers choose them, and how long they remain in use.
This dissertation investigates how IoT vulnerabilities are selected for exploitation in practice, with a particular focus on attacker behavior, exploit development, and vulnerability characteristics. It systematically examines the interplay between these factors to understand how they collectively shape exploitation trends in IoT ecosystems. To answer the central research question, "What factors shape the exploitation in IoT vulnerabilities, from target selection to exploit development and prediction?", this dissertation presents four peer-reviewed studies....