A Large-Scale Analysis of IoT Firmware Version Distribution in the Wild

TL;DR

This study analyzes the firmware versions of over a million IoT devices accessible via the internet, revealing heterogeneity and delays in updates influenced by manufacturer, device type, and country, highlighting user update behaviors.

Contribution

It introduces a scalable, adaptive data mining approach to assess IoT firmware update status at large scale using Censys data and mapping techniques.

Findings

Device heterogeneity affects firmware update status

Manufacturer and country influence update timeliness

Users are a weak link in firmware maintenance

Abstract

This paper examines the up-to-dateness of installed firmware versions of IoT devices accessible via public internet. It analyzes datasets of 1.06m devices collected from the IoT search engine Censys and maps the results against the latest firmware version each manufacturer offers. By applying the SEMMA data mining process, a fully scalable and adaptive approach is developed. This approach relies on three data artifacts: raw data from Censys, a mapping table with firmware versions and a keyword search list. The preliminary results confirm the heterogeneity of connected IoT devices. They show that manufacturer, device type and country influence the up-to-dateness of firmware. The results suggest users as a "weak link" as they do not update the firmware of their devices in a timely manner. However, the heterogeneity leads to results not showing a high reliability, yet.