Link Search Menu Expand Document

Related work

You need to demonstrate to the reader that you have a good understanding of the previous work in the domain. You can do that in the threat modeling section of your report. Describe each relevant attack vector in the general case (not specifically related to the product that you are investigating, but rather the class of such products). Refer to sources (e.g. papers or presentations at security conferences, blogs etc.).

To convince the reader that you have considered all relevant attacks, make sure to present a significant number of references to previous attacks (presentations on hacker conferences such as DefCon and BlackHat, CVEs, blog posts, etc). Another good idea is to refer to a more or less comprehensive taxonomy or list of attacks. You should at least consider the most important attacks such as OWASP’s IoT Top 10, OWASP’s Top 10, and OWASP’s Top 10 Mobile. Depending on the unit you are testing, other taxonomies might become relevant, including the hacking guides here on, ETSI EN 303 645 Cyber Security for Consumer Internet of Things: Baseline Requirements, the OWASP Web Security Testing Guide, the Cyber Security Body Of Knowledge (CyBOK), Mitre’s Common Weakness Enumeration (CWE), Mitre’s CAPEC, Hezam et al., HackerOne’s taxonomy, BugCrowd’s Common Android App Vulnerabilities, OWASP’s Testing Guide, Mitre’s ATT&CK, and of course the STRIDE threat model.

Another, increasingly useful, source of related work is the set of previous hacking thesis projects. In particular, you may find interesting related work in the references to thesis reports targeting devices similar to the ones you are considering.

Division of Network and Systems Engineering | KTH