Defining the type specification for an IoT attack database

Sammanfattning: The Internet of things (IoT) as an emerging technology provides great opportunities to simplify every day life with devices such as smart fridges and automatic robot vacuum cleaners. However, there lies a challenge in keeping these new devices secure and away from hackers. This report aims to define a database specification for a database to store information about attacks against IoT devices. The intended purpose of the database specification is to help ethical hackers in storing the information about their attack attempts so that future research can make use of previous attacks. By looking at previous penetration tests and by talking to experienced people in the field we have defined a specification that can aid future researchers with their penetration tests given that a database is populated with relevant research according to the specification. The actual effectiveness of the database remains to be proven since an implementation of the database has not been sufficiently populated yet.