VARIoT - Vulnerability and Attack Repository for the Internet of Things

The security of the Internet of Things (loT) has still not gained enough attention from researchers, developers and manufacturers, which results in exposing loT users to possible threats. To make this situation a bit better, we have created, under the VARIoT (Vulnerability and Attack Repository for loT) project, a database of information about vulnerabilities and exploits in the Internet of Things. The article briefly presents the results of our research and development activities aimed at building this database. First of all, we present the sources of information and our approach to build such a database, then we briefly present various steps taken, such as: standardization, aggregation and correlation of information. We also present the self-developed mechanisms of reliability evaluation of information and metainformation extraction based on artificial intelligence and natural language processing. Those mechanisms have been used to ensure a higher level of completeness of information as well as evaluate the usefulness and reliability of the data. We also show how our database can be used and where it could be accessed.