Title: A Large-Scale Analysis of IoT Firmware Version Distribution in the Wild
Abstract: This paper examines the up-to-dateness of installed firmware versions of IoT devices accessible via public internet. It analyzes datasets of 1.06m devices collected from the IoT search engine Censys and maps the results against the latest firmware version each manufacturer offers. By applying the SEMMA data mining process, a fully scalable and adaptive approach is developed. This approach relies on three data artifacts: raw data from Censys, a mapping table with firmware versions and a keyword search list. The preliminary results confirm the heterogeneity of connected IoT devices. They show that manufacturer, device type and country influence the up-to-dateness of firmware. The results suggest users as a "weak link" as they do not update the firmware of their devices in a timely manner. However, the heterogeneity leads to results not showing a high reliability, yet.