1HVQHOHULQøQWHUQHWLQLQ*YHQOL÷LQGHøQVDQ)DNW|U
Human Factors in Internet of Things Security
Mevlüt Serkan TOK
TOBB ETÜ
%LOJLVD\DU0KHQGLVOL÷L%|OP
mtok@etu.edu.tr
ORCID: 0000-0002-5048-8409
Öz
øQWHUQHWH ED÷OÕ QHVQHOHU XODúÕP VD÷OÕN HQHUML JLEL
VHNW|UOHU LOH DNÕOOÕ ELQD YE X\JXODPDODUGD \R÷XQ
RODUDN NXOODQÕOPDNWDGÕU %X QHVQHOHU RWRPDV\RQ YH
PDOL\HWDYDQWDMODUÕQÕQ\DQÕVÕUD\HQLOLNoL LúPRGHlleri
ve NXOODQÕFÕ GHQH\LPOHUL VXQPDNWDGÕU .XOODQÕFÕODUÕQ
LQWHUQHWHED÷OÕQHVQHOHULQNRQILJUDV\RQODUÕQGDEDVLW
parolalar seçmesi veya bu cihazlarla birlikte gelen
YDUVD\ÕODQ SDURODODUÕ GH÷LúWLUPHPHOHUL FLGGL
JYHQOLN DoÕNODUÕ \DUDWPDNWDGÕU 6RQ \ÕOODUGD Mirai
YE ]DUDUOÕ \D]ÕOÕPODU EX DoÕNOÕNODUÕ V|PUHUHN
oHYULP LoL QHVQHOHUL HOH JHoLUPHNWH YH GD÷ÕWÕN VHUYLV
GÕúÕ EÕUDNPD VDOGÕUÕODUÕQGD VDOGÕUÕ XQVXUX RODUDN
NXOODQDUDN KL]PHW NHVLQWLOHULQH PDGGL ND\ÕSODUD YH
LWLEDU ]HGHOHQPHVLQH QHGHQ ROPDNWDGÕU %X
oDOÕúPDGD NXOODQÕFÕODUÕQ QHVQHOHULQ LQWHUQHWLQH
\|QHOLNJYHQOLNYHULVNDOJÕODUÕQÕQSDURODNXOODQÕPÕ
YH JYHQOL÷LQH GDLU WHUFLKOHULQLQ WHVSLW HGLOmesi ve
LQVDQ IDNW|UQQ QHVQHOHULQ LQWHUQHWL FLKD]ODUÕQÕQ
JYHQOL÷LQGHNL |QHPLQLQ RUWD\D NRQXOPDVÕ
DPDoODQPÕúWÕU .DWÕOÕPFÕODUGDQ DQNHW \|QWHPL LOH
YHUL WRSODQDUDN HOGH HGLOHQ EXOJXODU WDUWÕúÕOPÕú
7UNL\H SD]DUÕQGD QHVQHOHULQ LQWHUQHWL FLKD]ODUÕQÕQ
WHNLO ROPD\DQ YDUVD\ÕODQ SDURODODU LOH NXOODQÕFÕODUD
DU]ÕQÕHQJHOOH\HFHNWHGELUOHU|QHULOPLúWLU
Anahtar Sözcükler: nesnelerin interneti, siber
JYHQOLNSDURODJYHQOL÷LPLUDL, insan faktörü
Abstract
The growing presence of Internet of Things (IoT)
devices has not only contributed in digital
transformation of industry, transportation,
Gönderme ve kabul tarihi: 17.10.2019-17.11.2019
DĂŬĂůĞƚƺƌƺ͗ƌĂƔƚŦƌŵĂ
TÜRKøYE BøLøùøM VAKFI BøLGøSAYAR BøLøMLERø ve MÜHENDøSLøöø DERGøSø (2019 Cilt:12 - SayÕ:2) - 1
$OL$\GÕQ6(/d8.
TOBB ETÜ
%LOJLVD\DU0KHQGLVOL÷L%|OPü
aselcuk@etu.edu.tr
ORCID: 0000-0002-8963-1647
healthcare and many other fields with smart devices
producing and sharing data online; but also
provided innovative business models and novel user
experiences. Configuring internet of things (IoT)
devices with easy or default passwords leads to
serious vulnerabilities. In recent years, malware
(Mirai etc.) which are capable of creating IoT
botnets and organizing distributed denial of service
(DDoS) attacks have given rise to service
disruptions, reputational and financial loss. In this
study, we aimed to emphasize importance of human
factor in IoT device security. To determine users’
perceptions of security and risks related to IoT
devices, preferences of password usage and
password security; a questionnaire was employed to
collect data and findings were discussed. Some
measures to prevent circulation of IoT devices with
common default passwords in Turkish market were
proposed.
Keywords: internet of things, cyber security,
password security, mirai, human factor
1. Giriú
%LOJL WHNQRORMLOHULQLQ KHU JHoHQ JQ KD\DWÕPÕ]GD
GDKDID]OD\HUDOPDVÕLOHLQWHUQHWHED÷OÕYHULDODELOHQ
YH J|QGHUHELOHQ QHVQHOHULQ NXOODQÕPÕ GD
\D\JÕQODúPÕúWÕU 1HVQHOHULQ LQWHUQHWL LQWHUQHW RI
things - Io7  RODUDN GD DGODQGÕUÕODQ EX HNRVLVWHP
sayesinGH QHUHGH\VH KHU ELUH\LQ \DNÕQ oHYUHVLQGH
oHúLWOLDPDoODUODNXOODQÕODQHQD]ELUoHYULPLoLQHVQH
EXODELOPHN PPNQGU >@  \ÕOÕQD NDGDU
LQWHUQHWH ED÷OÕ QHVQHOHULQ VD\ÕVÕQÕQ  PLO\DUÕ
DúPDVÕ EHNOHQPHNWHGLU >@ *HQLú NXOODQÕP DODQÕ
bulunan çevrim içL QHVQHOHU VLEHU VDOGÕUÕODUÕQ KHP
faili hem de hedefi olabilmektedir. OWASP
WDUDIÕQGDn \D\ÕQODQDQ\ÕOÕQHVQHOHULQLQWHUQHWLQL
tehdit eden ilk on zafiyet listesinde nesnelerin
yönetiminde basit, tahmin edilir, herkesçe
HULúLOHELOHQ YH\D GH÷LúWLULOHPH] SDUROD NXOODQÕPÕ LON
VÕUDGDEXOXQPDNWDGÕU>@
20 Eylül 2016’da KrebsOnSecurity isimli siber
JYHQOLN NRQXOX ELU EORJ VLWHVL  *%SV¶\H XODúDQ
ER\XWWD GD÷ÕWÕN KL]PHW GÕúÕ EÕUDNPD VDOGÕUÕVÕQD
(distributed denial of service-''R6  X÷UDPÕúWÕU %X
boyutta bir VDOGÕUÕQÕQ R JQH NDGDU \DSÕOPÕú HQ
E\N GD÷ÕWÕN KL]PHW GÕúÕ EÕUDNPD VDOGÕUÕVÕQÕQ
\DNODúÕNLNLNDWÕROGX÷XGH÷HUOHQGLULOPLúWLU>@0LUDL
ERWQHWRODUDNGDDGODQGÕUÕODQEXVDOGÕUÕ\DGDLUND\QDN
NRGODUÕ  (\OO ¶GD +DFN)RUXPVQHW |UQ
sitesinde “Anna-VHQSDL´ NXOODQÕFÕ DGOÕ ELU úDKÕV
WDUDIÕQGDQ \D\ÕQODQPÕúWÕU >@  (NLP ¶GD
GLQDPLN '16 VD÷OD\ÕFÕVÕ RODQ '\Q¶H \DSÕODQ
VDOGÕUÕQÕQ ER\XWXQXQ  7%SV¶\H XODúWÕ÷Õ WHVSLW
HGLOPLúWLU NL NHQGL WUQQ HQ E\N ER\XWWDNL
VDOGÕUÕVÕ ROPDVÕQÕQ \DQÕ VÕUD |QHPOL VD\ÕGD LQWHUQHW
VLWHVLQLQKL]PHWGÕúÕNDOPDVÕQD \RODoPÕúWÕU'\QEX
VDOGÕUÕ\D NDWÕODQ Xo VLVWHP VD\ÕVÕQÕQ 
FLYDUÕQGD ROGX÷XQX GX\XUPXúWXU >@ 0LUDL ]DUDUOÕ
\D]ÕOÕPÕQÕQ PDQWÕNVDO \DSÕVÕ ùHNLO ¶GH
J|VWHULOPLúWLU
ùHNLO-1: 0LUDL]DUDUOÕ\D]ÕOÕPÕQÕQPDQWÕNVDO\DSÕVÕ.
TÜRKøYE BøLøùøM VAKFI BøLGøSAYAR BøLøMLERø ve MÜHENDøSLøöø DERGøSø (2019 Cilt:12 - SayÕ:2) - 2
2. Art alan
0LUDL ]DUDUOÕ \D]ÕOÕPÕQÕQ orijinal versiyonunun
ND\QDN NRGX LQFHOHQGL÷LQGH NRGODUÕQ o D\UÕ
E|OPGH %RW /RDGHU &1&  WRSODQGÕ÷Õ bot ve
loader bölümlerinin C dili, CNC bölümünün ise Go
GLOL LOH \D]ÕOGÕ÷Õ J|UOPHNWHGLU >@ .D\QDN NRGODUÕ
içerisinde úLIUHOHQHUHN NRGODQPÕú ve root:root,
DGPLQURRWJXHVWJXHVWYE\D\JÕQúHNLOGHNXOODQÕODQ
 IDUNOÕ NXOODQÕFÕ DGÕSDUROD oLIWL ND\ÕWOÕGÕU
øoHULVLQGH EXOXQDQ VFDQQHU LVLPOL PRGO LOH UDVWJHOH
IP adresleri üretmekte, üretilen adresleri ABD
6DYXQPD %DNDQOÕ÷Õ YE ELU NÕVÕP RUJDQL]DV\RQODUÕQ
,3DGUHVOHULQLLoHUHQELUNDUDOLVWH\OHNÕ\DVOD\DUDNEX
RUJDQL]DV\RQODUÕ NDSVDP GÕúÕQGD EÕUDNPDNWDGÕU >@
hUHWLOHQ ,3 DGUHVLQLQ  YH  SRUWODUÕQD ED÷ODQWÕ
WDOHEL J|QGHUHUHN 7HOQHW SURWRNRO DoÕN PÕ NRQWURO
HGLOPHNWH DoÕN ROGX÷X WDNGLUGH ND\ÕWOÕ Sarola
oLIWOHULQL NXOODQDUDN NDED NXYYHW VDOGÕUÕVÕ \DSÕODUDN
7HOQHW ED÷ODQWÕVÕ NXUXOPDNWD RWXUXP DoPD ELOJLOHUL
raporlama sunucusuna gönderilmekte ve yükleyici
DGÕ YHULOHQ ELU VXQXFX WDUDIÕQGDQ FLKD]D \NO
%XV\%R[ X\JXODPDVÕ V|PUOHUHN |QFHGHQ
KD]ÕUODQPÕúLNLOLNRGODUFLKD]D\NOHQPHNWHYHFLKD]
N|OH D÷ÕQD GDKLO HGLOPHNWHGLU >@
.|OH D÷ÕQD GDKLO HGLOHQ FLKD]ODU ]HULQGHQ KHGHI
örün sitelerine DNS flood, SYN flood, ACK flood,
PSH flood, HTTP floRGWHNQLNOHULLOHGD÷ÕWÕNKL]PHW
GÕúÕ EÕUDNPD VDOGÕUÕVÕ \DSDELOPHN PPNQGU >@
0LUDL YH WUHYOHUL WDUDIÕQGDQ HOH JHoLULOHQ FLKD]ODU
DUDVÕQGD úX DQD NDGDU \|QOHQGLULFLOHU GLMLWDO YLGHR
ND\GHGLFLOHU ,3 NDPHUDODU YH \D]ÕFÕODU
EXOXQPDNWDGÕU >@ 3D]DU SD\Õ YH WDVDUÕP XQVXUODUÕ
J|] |QQGH EXOXQGXUXODUDN IDUNOÕ FLKD]ODUÕ HOH
geçirecek varyantlar kodlamak mümkündür [12].
0LUDL¶QLQ RULMLQDO YHUVL\RQXQGD VDGHFH DoÕN SXEOLF 
,3 DGUHVLQH VDKLS FLKD]ODU HWNL DOWÕQD DOÕQPÕúNHQ
+DMLPHJLELGDKDJHOLúPLúYHUVL\RQODUÕ(YUHQVHO7DN-
dDOÕúWÕU 83Q3- 8QLYHUVDO3OXJDQG3OD\ øQWHUQHW$÷
*HoLGL &LKD]Õ ,*'-Internet Gateway Device)
SURWRNROQ GHVWHNOHPH \HWHQH÷L ND]DQPÕú YH ELU
\|QOHQGLULFL DUNDVÕQGDNL \HUHO ,3 DGUHVLQH VDKLS
FLKD]ODUÕGDWHKGLWHGHUKDOHJHOPLúWLU>@.
0LUDL¶QLQND\QDNNRGODUÕQÕQ\D\ÕQODQPDVÕRQXDGHWD
ELU ]DUDUOÕ \D]ÕOÕP úDEORQX KDOLQH JHWLUPLúWLU >@
0LUDL¶QLQND\QDNNRGODUÕQÕQ\D\ÕQODQPDVÕQGDQVRQUD
N|W QL\HWOL NLúLOHUFH JHOLúWLULOHUHN NXOODQÕOPDVÕQD
GHYDP HGLOPLúWLU >@ %X GXUXP 0LUDL WDEDQOÕ
]DUDUOÕ \D]ÕOÕP oHúLWOLOL÷LQL DUWWÕUPÕú YH \HQL ELU
YDU\DQWÕQ RUWD\D oÕNPD VUHVLQL NÕVDOWPÕúWÕU >@
 \ÕOÕQGD LúOHWLOHQ EDO NS WX]DNODUÕQGD 
IDUNOÕ SDUROD YH  IDUNOÕ LNLOL NRGXQ HOH
JHoLULOPHVL IDUNOÕ SRUWODU YH SURWRNROOHU ]HULQGHQ
ED÷ODQWÕ WDOHSOHULQLQ WHVSLWL 0LUDL¶QLQ HYULPOHúPH
KÕ]ÕQÕQ ELU J|VWHUJHVLGLU >@  \ÕOÕQGD WHVSLW
HGLOHQ ]DUDUOÕ WUDIL÷LQ ¶LQL QHVQHOHULQ LQWHUQHWL
NDSVDPÕQGD EXOXQDQ HOH JHoLULOPLú FLKD]ODUÕQ
ROXúWXUGX÷X N|OH D÷ODUÕQ PH\GDQD JHWLUGL÷L YH EX
D÷ODUÕ ROXúWXUDQ ]DUDUOÕ \D]ÕOÕPODUÕQ HQ D] 
RUDQÕQGD 0LUDL LOH EHQ]HU ND\QDN NRGODUÕ NXOODQGÕ÷Õ
WHVSLW HGLOPLúWLU >@  \ÕOÕ PDUW D\Õ LWLEDUL\OH
0LUDL DUGÕOÕ ]DUDUOÕ \D]ÕOÕPODU oHúLWOL DoÕNOÕNODUÕ
V|PUPHQLQ \DQÕ VÕUD YDUVD\ÕODQ SDUROD NXOODQÕPD
yönelik kaba NXYYHW VDOGÕUÕVÕ \DSPD\D GHYDP
HWPLúWLU>@\ÕOÕQLVDQD\ÕLWLEDUL\OH+XDZHLYH
/LQNV\V PDUNDOÕ \|QOHQGLULFLOHU 0LUDL ]DUDUOÕ
\D]ÕOÕPÕQÕQ HYULPOHúPLú YHUVL\RQODUÕQFD VLEHU
VDOGÕUÕ\D X÷UDPÕú YH EX VDOGÕUÕODUGD HVNL WDULKOL
DoÕNOÕNODUGDV|PUOPúWr [20].
 \ÕOÕ KD]LUDQ D\Õ LWLEDUL\OH GQ\D oDSÕQGD 
QXPDUDOÕ SRUWX DoÕN YH LoHULVLQGH %XV\ER[
X\JXODPDVÕ NXUXOX WRSODP  FLKD]
EXOXQGX÷X YH EXQODUÕQ  DGHGLQLQ 7UNL\H
ORNDV\RQOX ROGX÷X; Mirai komuta kontrol
VXQXFXODUÕQÕQ GHVWHNOHGL÷L SURWRNROOHU GRV\D \DSÕVÕ
YH SDUPDN L]L GLNNDWH DOÕQDUDN \DSÕODQ
VRUJXODPDODUGD KDOHQ IDDO GXUXPGD RODQ \DNODúÕN
 VXQXFXQXQ ROGX÷X YH EXQODUÕQ \DUÕVÕQÕQ
TÜRKøYE BøLøùøM VAKFI BøLGøSAYAR BøLøMLERø ve MÜHENDøSLøöø DERGøSø (2019 Cilt:12 - SayÕ:2) - 3
$%'¶GH  WDQHVLQLQ 7UNL\H¶GH EXOXQGX÷X WHVSLW
HGLOPLúWLU >21@ 'ROD\ÕVÕ\OD KDOHQ ]DDIOÕ FLKD]ODUÕQ
NXOODQÕPÕQD ve botnet ROXúWXUPD\D GHYDP HGLOGL÷LQL
GH÷HUOHQGLUPHNPPNQGU
ABD siber olaylara müdahale birimince Mirai vb.
]DUDUOÕ \D]ÕOÕPODUD NDUúÕ DOÕQDFDN LON WHGELULQ WP
YDUVD\ÕODQ SDURODODUÕQ JoO SDURODODU LOH
GH÷LúWLULOPHVLROGX÷XGX\XUXOPXúWXr [22@9DUVD\ÕODQ
SDUROD NXOODQÕPÕQÕQ \DUDWWÕ÷Õ JYHQOLN DoÕNODUÕQÕQ
JLGHULOPHVLDPDFÕ\ODELUNÕVÕPILUPDODU\HQLUHWLOHQ
UQOHULQGHYDUVD\ÕODQSDURODX\JXODPDVÕQÕNDOGÕUPÕú
YHVÕQÕUOÕPLNWDUGDNLUQHJQFHOOHPH\D\ÕQODPÕúWÕU
Ancak güncellenmeyen ikinFL HO UQOHULQ oHúLWOL
VLWHOHU ]HULQGHQ VDWÕúÕQD YH VRQ NXOODQÕFÕ WDUDIÕQGDQ
NXOODQÕPÕQD GHYDP HGLOPHNWHGLU $%' .DOLIRUQL\D
H\DOHW VHQDWRVX WDUDIÕQGDQ \D\ÕQODQDQ ELU \DVD
WDVDUÕVÕ >3@ øQJLOL] 7LFDUHW %DNDQOÕ÷Õ WDUDIÕQGDQ
\D\ÕQODQDQ ELU \|QHWPHOLN >4] ile bu ülkelerde
UHWLFL YH VDWÕFÕODUÕQ SL\DVD\D VXQGX÷X KHU ELU
oHYULPLoL QHVQHQLQ YDUVD\ÕODQ SDURODVÕQÕQ EHQ]HUVL]
ROPDVÕ ]RUXQOX KDOH JHWLULOPLú, Avrupa
7HOHNRPQLNDV\RQ 6WDQGDUWODUÕ (QVWLWV WDUDIÕQGDQ
\D\ÕQODQDQ ETSI TS 103 645 “Cyber Security for
CRQVXPHU,QWHUQHWRI7KLQJV´VWDQGDUWÕLOHWNHWLFL\H
VXQXODQ QHVQHOHULQ LQWHUQHWL FLKD]ODUÕQÕQ JYHQOL
WDVDUÕPÕQD\|QHOLNWHPHOLONHler WHVSLWHGLOPLúWLU>25].
Eylül 2016’da Türkiye’den 13.780 cihaz Mirai
WDUDIÕQGDQ HOH JHoLULOPHVLQH YH HQIHNWH ROPXú FLKD]
EDUÕQGÕUDQ ONHOHU OLVWHVLQGH \HGLQFL VÕUDGD
ROXQPDVÕQD UD÷PHQ >@ ONHPL]GH KHQ] RUWDN ELU
YDUVD\ÕODQ SDUROD LOH \DSÕODQGÕUÕOPÕú D÷ HULúLP
\HWHQHNOL QHVQHOHULQ LWKDODWÕQÕ YH\D VDWÕúÕQÕ
HQJHOOH\HQ\DVDOELUG]HQOHPHEXOXQPDPDNWDGÕU
%X oDOÕúPDGD NXOODQÕFÕODUÕQ QHVQHOHULQ JYHQOL÷LQH
GDLU DOJÕ YH H÷LOLPOHULQL WHVSLW HGHUHN 0LUDL YE
]DUDUOÕ \D]ÕOÕPODUD NDUúÕ ELOJL YH KD]ÕUOÕN G]H\LQL
GH÷HUOHQGLUPHN DPDFÕ\OD  VRV\DO PHG\D
NXOODQÕFÕVÕQÕQ J|QOO RODUDN NDWÕOGÕ÷Õ ELU oHYULP LoL
DQNHW YDVÕWDVÕ\OD YHUL WRSODQPÕú YH HOGH HGLOHQ
EXOJXODUWDUWÕúÕOPÕúWÕU
3. øOJLOLçDOÕúPDODU
 \ÕOÕQGD (6(7 úLUNHWL YH $%' 8OXVDO 6LEHU
*YHQOLN %LUOL÷L 1&6$  WDUDIÕQGDQ JHUoHNOHúWLULOHQ
ELUoDOÕúPDGDNDWÕOÕPFÕQÕQ¶VLQLQHYLQGH-
 FLKD]ÕQ LQWHUQHW HULúLPLQLQ ROGX÷X %29’unun
HYOHULQGHNL PRGHPLQ YDUVD\ÕODQ SDURODVÕQÕ
GH÷LúWLUPHGL÷L NDWÕOÕPFÕODUÕQ ¶QQ HYOHULQGHNL
WHUPRVWDWÕQ NRQWURO YE DPDoODU LoLQ PRELO
X\JXODPD NXOODQGÕ÷Õ ¶LQLQ ZHE NDPHUDODUÕQ
\HWNLVL] NLúLOHUFH HULúLOHELOLU ROGX÷XQXQ IDUNÕQGD
ROGX÷X YH ¶VÕQÕQ ZHE NDPHUDODUÕQÕ NRUXPD\D 4. Yöntem
G|QN KHUKDQJL ELU WHGELU DOPDGÕ÷Õ WHVSLW HGLOPLúWLU
[26]. .DWÕOÕPFÕODU

 \ÕOÕQGD  NDWÕOÕPFÕQÕQ DNÕOOÕ WHOHYL]\RQODUD $UDúWÕUPD - 1LVDQ  WDULKOHUL DUDVÕQGD
yönelik mahremiyet ile ilgili risklere dair \UWOPúWU $UDúWÕUPDQÕQ NDWÕOÕPFÕODUÕQÕ VRV\DO
IDUNÕQGDOÕ÷ÕQÕ |OoPHN DPDFÕ\OD \UWOHQ ELU PHG\D NXOODQÕFÕVÕ ELUH\OHU ROXúWXUPDNWDGÕU
oDOÕúPDGD JHQHO RODUDN GúN VHYL\HGH ELU .DWÕOÕPFÕODUD DLW GHPRJUDILN GD÷ÕOÕP Çizelge-1’de
IDUNÕQGDOÕN ROGX÷X J|UOPú NDWÕOÕPFÕODUÕQ VXQXOPXúWXU
¶VÕQÕQ ULVNOHUH GDLU IDUNÕQGDOÕN VDKLEL ROGX÷X Çizelge-1: .DWÕOÕPFÕODUÕQ'HPRJUDILN'D÷ÕOÕPÕ
WHVSLW HGLOPLúWLU $NÕOOÕ WHOHYL]\RQXQ NXOODQÕODELOLUOLN 'H÷LúNHQ Kategori f %
VHYL\HVLQL GúUPHGL÷L VUHFH PDKUHPL\HWLQ Erkek 217 53.32
NRUXQPDVÕQD GDLU DOÕQDFDN WHGELUOHULQ NXOODQÕFÕODU Cinsiyet
.DGÕQ 190 46.68
WDUDIÕQGDQEHQLPVHQHFH÷LVRQXFXQDYDUÕOPÕúWÕU>7].
18-20 61 14.99
 \ÕOÕ PDUW D\Õ LoHULVLQGH \D\ÕQODQPÕú ELU 21-30 194 47.67
oDOÕúPDGD  NDWÕOÕPFÕ\D oHYULP LoL DQNHW 31-40 124 30.47
X\JXODQPÕúYHNDWÕOÕPFÕODUÕQ¶QQKHUKDQJLELU <Dú
41-50 25 6.14
LQWHUQHWHED÷OÕQHVQH\HVDKLSROPDGÕ÷Õ¶VÕQÕQELU 51-60 3 0.74
QHVQH\H ¶VLQLQ LNL YH\D GDKD ID]OD VD\ÕGD
61 ve üzeri 0 0
QHVQH\H VDKLS ROGX÷X J|UOPúWU .DWÕOÕPFÕODUÕQ
øONRNXO 1 0.25
oR÷XQOX÷X JYHQOLN   YH PDKUHPL\HWLQ  
LQWHUQHWH ED÷OÕ ELU QHVQHQLQ VDKLS ROPDVÕ JHUHNHQ Ortaokul 5 1.23
|]HOOLNOHUGHQ ROGX÷XQX EHOLUWPLúWLU øQWHUQHWH ED÷OÕ Lise 44 10.81
(÷LWLP
bir nesneniQVDKLSROPDVÕJHUHNHQ|]HOOLNOHULQ|QHP Ön lisans 32 7.86
durumu
GHUHFHVLQH J|UH VÕUDODQPDVÕ VRUXVXQGD LVH Lisans 227 55.77
NDWÕOÕPFÕODUÕQ oR÷XQOX÷XQXQ   NXUXOXP Yüksek Lisans 66 16.22
NROD\OÕ÷Õ NXOODQÕP NROD\OÕ÷Õ X\JXQOXN JYHQOLN YH Doktora 32 7.86
PDKUHPL\HW \HULQH PDOL\HW |]HOOL÷LQL LON VÕUDGD
VHoWL÷L WHVSLW HGLOPLúWLU %X GXUXP ³NXOODQÕFÕODU (÷LWLPYH\D +D\ÕU 353 86.73
WDUDIÕQGDQ WHRULN RODUDN JYHQOLN YH PDKUHPL\HWH oDOÕúPDDODQÕ
önem verilse de pratikte maliyetin daha önemli bir bilgi
IDNW|U RODUDN J|UOG÷´ úHNOLQGH \RUXPODQPÕúWÕU teknolojileri /
Evet 54 13.27
[28]. siber güvenlik
ile ilgili mi?
7UNL\H¶GHNL ELOJLVD\DU NXOODQÕFÕODUÕQÕQ ELOJL
JYHQOL÷LQH GDLU JHQHO IDUNÕQGDOÕk seviyelerini
|OoPHN DPDFÕ\OD oRN VD\ÕGD oDOÕúPD \DSÕOPÕúWÕU
[29]-[31@ DQFDN EX oDOÕúPDODU LQFHOHQGL÷LQGH  \ÕOÕQGD 7UNL\H¶GH  PLO\RQ VRV\DO PHG\D
genellikle üniversite vb. bir organizasyon bünyesinde NXOODQÕFÕVÕ ROGX÷X >32] göz önünde bulundurularak
NÕVÕWOÕ ELU HYUHQL WHPVLO HGHQ |UQHNOHP LOH LFUD  JYHQ G]H\LQGH YH  KDWD SD\Õ GLNNDWH
HGLOGL÷LJ|UOPHNWHGLU<DSÕODQOLWHUDWUWDUDPDVÕQGD DOÕQGÕ÷ÕQGD  NDWÕOÕPFÕGDQ ROXúDQ ELU |UQHNOHPLQ
ONHPL]GHNLNXOODQÕFÕODUÕQQHVQHOHULQLQWHUQHWLQHGDLU VRV\DO PHG\D NXOODQÕFÕODUÕQÕ WHPVLO HGHELOHFH÷L
JYHQOLNDOJÕVÕQÕYH\DIDUNÕQGDOÕNG]H\LQL|OoHQELU GH÷HUOHQGLULOPLúWLU  *|QOOON HVDVÕQD J|UH WRSODP
oDOÕúPD\DUDVWODQÕOPDPÕúWÕU  NXOODQÕFÕ DUDúWÕUPD\D NDWÕOPÕú  NXOODQÕFÕ
DUDúWÕUPD\ÕWDPDPODPÕúWÕU.DWÕOÕPFÕODUÕQDUDúWÕUPD\Õ
WDPDPODPD RUDQÕ ¶GÕU .DWÕOÕPFÕODU ZZZ
facebook.com, www.linkedin.com,
www.twitter.com, www.eksisozluk.com örün siteleri
]HULQGHQ HULúLP OLQNL LoHULU GDYHW PHWQL
SD\ODúÕOPDVÕ VXUHWL\OH DUDúWÕUPD\D GDYHW HGLOPLúWLU
.DWÕOÕPFÕODUÕQ DUDúWÕUPD\D NDWÕOÕPÕQÕ WHúYLNH \|QHOLN
herhangi bir motivasyon (ödeme vb.)
VD÷ODQPDPÕúWÕU

TÜRKøYE BøLøùøM VAKFI BøLGøSAYAR BøLøMLERø ve MÜHENDøSLøöø DERGøSø (2019 Cilt:12 - SayÕ:2) - 4
Veri toplama aUDFÕ 5. Bulgular
$QNHWOHU XFX] ELU \|QWHP ROPDVÕ YH PHYFXW øúOHWLPsistemi ve web tDUD\ÕFÕtercihleri
GDYUDQÕúODUÕQ WHVSLWL KXVXVXQGD YHUL WRSODPD\D
X\JXQOX÷X QHGHQL\OH WHUFLK HGLOPHNWHGLU >3]. Bu .DWÕOÕPFÕODUÕQ E\N oR÷XQOX÷X  
oDOÕúPDGD ELULQFLO YHULOHU oHYULPLoL DQNHW YDVÕWDVÕ\OD ELOJLVD\DUODUÕQGD LúOHWLP VLVWHPL RODUDN |QFHOLNOH
toSODQPÕúWÕU $UDúWÕUPD WDUDPD PRGHOL NXOODQÕODUDN :LQGRZV GD÷ÕWÕPODUÕQÕ WHUFLK HWPLúWir. Örün siteleri
JHUoHNOHúWLULOPLúWLU $QNHWLQ JHOLúWLULOPHVLQGH DODQ ]L\DUHWOHULQGH NDWÕOÕPFÕODUÕQ oR÷XQOXNOD  
\D]ÕQGDNLEHQ]HUDUDúWÕUPDODUGDQID\GDODQÕOPÕúWÕU *RRJOH &KURPH ZHE WDUD\ÕFÕVÕQÕ NXOODQGÕNODUÕ WHVSLW
HGLOPLúWLU .DWÕOÕPFÕODUÕQ LúOHWLP VLVWHPL YH ZHE
Anket üçüncü taraf bir örün sitesi üzerinden WDUD\ÕFÕWHUFLKOHULQLQWHVSLWLQH\|QHOLNVRUXODQVRUXODU
JHUoHNOHúWLULOPLúWLU 0RELO FLKD]ODU YH ELOJLVD\DU YHYHULOHQ\DQÕWODUÇizelge-2¶GHVXQXOPXúWXU
üzerinGHQ DQNHWH NDWÕOÕP VD÷ODQPÕú VLWH WDUDIÕQGDQ
WXWXODQ oHUH] ELOJLVL LOH D\QÕ FLKD]ODUGDQ NDWÕOÕP Çizelge-2: øúOHWLP6LVWHPLYH:HE7DUD\ÕFÕ
Tercihleri
HQJHOOHQPLúWLU $QNHW |QFHVLQGH NDWÕOÕPFÕODUGDQ H-
Soru f %
SRVWD DGUHVL YE NLúLVHO ELOJLOHU WDOHS HGLOPHPLú
S5 - %LOJLVD\DUÕQÕ]GD Windows
DQNHWPGGHWLQFH,3DGUHVLELOJLVLWXWXOPDPÕúWÕU Her 369 91,11
KDQJLLúOHWLPVLVWHPLQL GD÷ÕWÕPODUÕ
bir NDWÕOÕPFÕ\D DQNHWH NDWÕOGÕ÷Õ DQGDQ LWLEDUHQ ELU
NXOODQÕ\RUVXQX]" Mac OS 58 14,32
NLPOLN QXPDUDVÕ DWDQPÕú YH \DQÕWODU EX NLPOLN %LUGHQID]ODVHoHQH÷L Linux
QXPDUDVÕ VDWÕUÕQD ND\GHGLOPLúWLU $QNHW LúDUHWOH\HELOLUVLQL] GD÷ÕWÕPODUÕ
27 6,67
EDúODQJÕFÕQGDNDWÕOÕPFÕODUDD\GÕQODWÕOPÕúRQDPPHWQL Google
YDVÕWDVÕ\OD ELOJL YHULOPLú YH J|QOO UÕ]DODUÕ 351 86,67
Chrome
DOÕQPÕúWÕU$QNHWVRQXQGDDQOÕNLVWDWLVWLNVHOVRQXoODU S10 - %LOJLVD\DUÕQÕ]GD Mozilla
NDWÕOÕPFÕODUD J|VWHULOPLúWLU $QNHW WRSODP RQ DOWÕ 122 30,12
KDQJLZHEWDUD\ÕFÕ\Õ Firefox
VRUXGDQ ROXúPDNWDGÕU .XOODQÕFÕODUÕQ GHPRJUDILN NXOODQÕ\RUVXQX]" Opera 87 21,48
ELOJLOHUL G|UW VRUXGD LúOHWLP VLVWHPL YH ZHE WDUD\ÕFÕ %LUGHQID]ODVHoHQH÷L Internet
75 18,52
tercihleri iki VRUXGD SDUROD NXOODQÕPÕ YH LúDUHWOH\HELOLUVLQL] Explorer
JYHQOL÷LQHGDLUH÷LOLPOHU EHúVRUXGDQHVQHOHULQ Safari 57 14,07
LQWHUQHWLYHVLEHUJYHQOLNNRQXVXQGDNLH÷LOLPOHU Yandex 41 10,12
G|UW VRUXGD |OoOPúWU .DWÕOÕPFÕODUGDQ LVWH÷H Microsoft
29 7,16
ED÷OÕ EH\DQ HGLOHQ J|Uú YH |QHULOHU DoÕN XoOX Edge
FHYDS YHULOHQ VRQ VRUX\OD WRSODQPÕúWÕU $QNHWWH TOR 27 6,67
toplamda dokuz adet çoktan seçmeli (tek
FHYDSOÕ EHúDGHWoRNWDQVHoPHOL oRNFHYDSOÕ  3DURODNXOODQÕPÕYHJYHQOL÷LQHGDLUH÷LOLPOHU
ELU DGHW VÕUDODPD ELU DGHW DoÕN XoOX VRUX
VRUXOPXúWXU .DWÕOÕPFÕODUÕQSDURODNXOODQÕPÕQDYHJYHQOL÷LQHGDLU
DOJÕ YH WHUFLKOHULQL EHOLUOHPHN DPDFÕ\OD WRSODP DOWÕ
Verilerin analizi DGHWVRUXVRUXOPXúWXU
9HULOHU VRQXoODUÕQ DQDOL]LYH LNL GH÷LúNHQOL .L-Kare .DWÕOÕPFÕODUGDQ JQON \DúDQWÕODUÕQGD NXOODQGÕNODUÕ
WHVWL RODUDN LNL WHPHO NDWHJRUL DOWÕQGD DQDOL] DOWÕ D\UÕ SDUROD\Õ |QHP GHUHFHVLQH J|UH VÕUDODPDODUÕ
HGLOPLúWLU 7P DQDOL]OHU ,%0 6PSS Statistics V.22 LVWHQPLúWLU (Q |QHPOL SDUROD RODUDN LQWHUQHW
\D]ÕOÕPÕLOHJHUoHNOHúWLULOPLúWLU EDQNDFÕOÕN SDURODVÕ VHoLOPLú VÕUDVÕ\OD H-SRVWD KHVDEÕ
$QNHWWH\HUDODQPDGGHOHULQWRSODQGÕ÷ՁoDQDEDúOÕN SDURODVÕ VRV\DO PHG\D KHVDEÕ SDURODVÕ HYOHULQGHNL
RODQLúOHWLPVLVWHPLYHZHEWDUD\ÕFÕWHUFLKOHULSDUROD yönlendiricinin (modem) yönetici parolasÕ WDNLS
NXOODQÕPÕ YH JYHQOL÷LQH GDLU H÷LOLPOHU QHVQHOHULQ HGLOHQ ELU IRUXP VLWHVLQLQ SDURODVÕ YH WHNUDU JLUPH\L
LQWHUQHWL YH VLEHU WHKGLW DOJÕODUÕ LOH LOJLOL VRUXODUÕQ GúQPHGLNOHUL ELU VLWHQLQ SDURODVÕ NDWÕOÕPFÕODUFD
\DQÕWODUÕ\]GHYHIUHNDQVLOHEHWLPOHQPLúWLU |QHPOLJ|UOPúWU

Bilgi teknolojileri veya siber güvenlik konusunda 3DURODWUOHULQLQNDWÕOÕPFÕODUFDEHOLUOHQPLúVÕUDVÕJ|]

H÷LWLPJ|UPúYH\DEXDODQODUGDoDOÕúDQNDWÕOÕPFÕODU önünde bulundurularak (1) QXPDUDOÕGHQNOHP ile her
³ELOJL VDKLEL NDWÕOÕPFÕ´ RODUDN VÕQÕIODQGÕUÕOPÕú YH EX ELUSDURODQÕQ|QHPVNRUXKHVDSODQPÕúWÕU
NLúLOHULQ \DQÕWODUÕQÕQ GL÷HU NDWÕOÕPFÕODUÕQ \DQÕWODUÕ\OD
QHNDGDUIDUNOÕODúWÕ÷Õ.L-.DUHWHVWLLOHLQFHOHQPLúWLU

TÜRKøYE BøLøùøM VAKFI BøLGøSAYAR BøLøMLERø ve MÜHENDøSLøöø DERGøSø (2019 Cilt:12 - SayÕ:2) - 5
Sa= 6*k1+5*k2+4*k3+3*k4+2*k5+1*k6 (1)
n GH÷LúWLULUNHQ ¶QQ YDUVD\ÕODQ SDUROD\Õ
™Ni
i=1
Sa D SDURODVÕQÕQ VNRUXQX Ni D SDURODVÕQÕ L |QHP
GHUHFHVLQH VDKLS SDUROD RODUDN VHoHQ NDWÕOÕPFÕ
VD\ÕVÕQÕWHPVLOHWPHNWHGLU +HVDSODQDQ|QHPVNRUODUÕ
ùHNLO-2¶GHVXQXOPXúWXU
.DWÕOÕPFÕODUÕQ oR÷XQOX÷X ELU SDURODQÕQ JoO
ROPDVÕQÕQ   YH KDWÕUODQPDVÕQÕQ NROD\
ROPDVÕQÕQ   SDUROD VHoLPLQGH HQ |QHPOL
IDNW|U ROGX÷XQX GúQPHNWHGLU .DWÕOÕPFÕODUÕQ
¶L NHQGLOHULQH J|VWHULOHQ EHú D\UÕ SDURODGDQ
“7ujMkRDGPLQ´ SDURODVÕQÕ HQ   JYHQOL    SDUROD
RODUDNVHoPLúWLU³6(D\V´SDURODVÕNDWÕOÕPFÕODUÕQ
¶VL WDUDIÕQGDQ HQ JYHQOL SDUROD RODUDN WHUFLK
HGLOPLúWLU.DWÕOÕPFÕODUÕQoR÷XQOX÷X  SDUROD
VHoHUNHQKDOHQNXOODQGÕ÷ÕELUNDoSDURODEXOXQGX÷XQX
YH EX SDURODODU DUDVÕQGDQ VHoLP \DSWÕ÷ÕQÕ EH\DQ
HWPLúNDWÕOÕPFÕODUÕQoR÷XQOX÷X  SDURODODUÕQÕ
VDNODPD \|QWHPL RODUDN DNÕOGD WXWPD VHoHQH÷LQL
WHUFLK HWPLúWLU .DWÕOÕPFÕODUÕQ SDUROD NXOODQÕPÕ YH
JYHQOL÷LQH GDLU H÷LOLPOHULQLQ WHVSLWLQH \|QHOLN
sorulDQ VRUXODU YH YHULOHQ \DQÕWODU Çizelge-3’te
VXQXOPXúWXU
1HVQHOHULQLQWHUQHWLYHVLEHUWHKGLWDOJÕODUÕ
.DWÕOÕPFÕODUÕQ QHVQHOHULQ LQWHUQHWLQLQ JYHQOL÷L YH
VLEHU WHKGLW DOJÕODUÕQÕ WHVSLW HWPHN DPDFÕ\OD VRUXODQ
G|UW DGHW VRUX\D YHULOHQ \DQÕWODU Çizelge-4’te
VXQXOPXúWXU .DWÕOÕPFÕODUÕQ ¶LQLQ VDWÕQ
DOGÕNODUÕ PRGHP ,3 NDPHUD YE ELU FLKD]OD ELUOLNWH
ùHNLO-2: .DWÕOÕPFÕODUÕQSDUROD|QHPVÕUDODPDVÕVRQXFXKHVDSODQDQ|QHPVNRUODUÕ
TÜRKøYE BøLøùøM VAKFI BøLGøSAYAR BøLøMLERø ve MÜHENDøSLøöø DERGøSø (2019 Cilt:12 - SayÕ:2) - 6
YHULOHQ SDUROD\Õ FLKD]ÕQ LON NXUXOXPX HVQDVÕQGD
GH÷LúWLUPHGHQ sürekli NXOODQGÕ÷Õ EHOLUOHQPLúWLU
KDWÕOÕPFÕODUÕQ ELOGL÷L J|UOPúWU .DWÕOÕPFÕODUÕQ
¶VÕQÕQ PRGHP \|QOHQGLULFL  FLKD]ÕQÕQ ELU
VLEHU VDOGÕUÕ\D PDUX] NDODELOHFH÷LQL ELOGL÷L
¶QQ NDEORVX] \D]ÕFÕODUÕQ VLEHU VDOGÕUÕ\D
PDUX]NDODELOHFH÷LQLELOGL÷LWHVSLWHGLOPLúWLU
Bilgi sahibi kaWÕOÕPFÕ \DQÕWODUÕQÕQ GL÷HU NDWÕOÕPFÕ
\DQÕWODUÕ\ODNDUúÕODúWÕUÕOPDVÕ
$UDúWÕUPD\DNDWÕODQELUH\OHUHELOJLWHNQRORMLOHULYH\D
VLEHU JYHQOLN ]HULQH H÷LWLP DOÕS DOPDGÕNODUÕ YH\D
EX DODQGD oDOÕúÕS oDOÕúPDGÕNODUÕ VRUXODUDN ELOJL
teknolojileri ve siber güvenlik konusunda bilgi sahibi
ROGX÷X GH÷HUOHQGLULOHQ ELUH\OHU WHVSLW HGLOPLú YH
NÕVDFD ³ELOJL VDKLEL NDWÕOÕPFÕ´ RODUDN
VÕQÕIODQGÕUÕOPÕúWÕU7RSODQDQ\DQÕWODUÕQNDWHJRULNYHUL
ROPDPDVÕ QHGHQL\OH LNL VRUX .L-Kare testine tabi
tutulmadan Çizelge-5’te J|UOG÷ ]HUH çapraz
NDUúÕODúWÕUPD\DSÕOPÕúEHúVRUX\DYHULOHQ\DQÕWODULVH
G]HQOHQHUHNNDWÕOÕPFÕODUÕQYHUGLNOHUL\DQÕWODUÕQELOJL
VDKLEL ROPD GH÷LúNHQLQH J|UH oDSUD]ODQPDVÕ LOH .L-
.DUH WHVWL JHUoHNOHúWLULOPLú YH GD÷ÕOÕPODU DUDVÕQGD
LVWDWLVWLNVHODoÕGDQDQODPOÕIDUNEXOXQXSEXOXQPDGÕ÷Õ
WHVSLWHGLOPLúWLU
%LOJL VDKLEL NDWÕOÕPFÕODUÕQ ELU |UQ VLWHVLQH VLEHU
VDOGÕUÕ \DSDELOHFHN FLKD]ODUÕ GR÷UX VHoPH RUDQÕQÕQ
GL÷HU NDWÕOÕPFÕODUD RUDQOD GDKD \NVHN ROGX÷X
J|UOPúWU %HQ]HU ELU úHNLOGH EX NDWÕOÕPFÕODUÕQ
VLEHU VDOGÕUÕ\D PDUX] NDODELOHFHN FLKD]ODUÕ WHVSLW
etme oUDQÕQÕQGL÷HUNDWÕOÕPFÕODUDRUDQODGDKD\NVHN
ROGX÷XJ|UOPúWU
 Çizelge-3: 3DUROD.XOODQÕPÕQD'DLU$OJÕYH7HUFLKOHU
Soru f %
*oOROPDOÕ ]RUWDKmin edilmeli) 320 79,01
S12 - Sizce bir parola seçiminde en
+DWÕUODPDVÕNROD\ROPDOÕ 183 45,19
önemli faktör nedir?
(÷OHQFHOLYH\DLOJLQoROPDOÕ 26 6,42
%LUGHQID]ODVHoHQH÷L
.ÕVDROPDOÕNROD\\D]ÕOPDOÕ 13 3,21
LúDUHWOH\HELOLUVLQL]
'L÷HU 13 3,21
7ujMko0admin 193 47,65
SEays214. 189 46,67
S13 - 6L]FHDúD÷ÕGDNLSDURODODUGDQKDQJLVL
Nisan2019. 10 2,47
HQJYHQOLSDURODGÕU"
147258 9 2,22
I love you2 4 0,99
.XOODQGÕ÷ÕPELUNDoSDURODPYDURQODUÕQDUDVÕQGDQ
265 65,43
seçerim.
+HUKHVDSLoLQD\UÕSDURODVHoHULP 69 17,04
S14 – 3DURODODUÕQÕ]ÕQDVÕOVHoHUVLQL]"
dR÷XQOXNODD\UÕSDURODODUVHoHrim, bunlar nadiren
45 11,11
ELUELULQLQD\QÕRODELOLU
+HSVLD\QÕSDURODGÕU 26 6,42
$NOÕPGDWXWDUÕP 282 69,63
%LOJLVD\DUÕPGDYH\DFHSWHOHIRQXPGDELUGRV\D
49 12,1
üzerine kaydederim.
S15 – 3DURODODUÕQÕ]ÕoR÷XQOXNODQDVÕO
.k÷ÕGDSRVW-LWYEIL]LNVHOELURUWDPD\D]DUÕP 29 7,16
VDNODPD\ÕWHUFLKHGHUVLQL]"
:HEWDUD\ÕFÕPDKDWÕUODPDVÕLoLQND\GHGHULP 20 4,94
3DUROD\|QHWLPSURJUDPÕNXOODQÕUYHRQDND\GHGHULP 23 5,65
'L÷HU 2 0,49

Çizelge-4: 1HVQHOHULQøQWHUQHWLYH6LEHU7HKGLW$OJÕVÕ
Soru f %
S4 - 6DWÕQDOGÕ÷ÕQÕ]ELUFLKD]ODYHULOHQ .XOODQPDGDQLONNXUXOXPGDGH÷LúWLULULP 241 59,51
örn. yönlendirici (modem), IP kamera D\DNDGDUNXOODQÕUÕP 4 0,99
YELOHELUOLNWHYHULOHQ\|QHWLFLSDURODVÕQÕ D\DNDGDUNXOODQÕUÕP 12 2,96
(örn. admin, root vb.) ne kadar süreyle D\DNDGDUNXOODQÕUÕP 30 7,41
NXOODQÕUVÕQÕ]" 6UHNOLNXOODQÕUÕP 118 29,14
1-Hedef olma ihtimalim yoktur. 68 16,79
S6 - %LUVLEHUVDOGÕUÕQÕQKHGHILROPD 2-Hedef olPDLKWLPDOLPD]GÕU 184 45,43
ihtimalinizi 1-DUDVÕQGDSXDQOD\ÕQÕ]  3-+HGHIROXSROPDPDLKWLPDOLPD\QÕGÕU 112 27,65
en yüksek ihtimal) 4-Hedef olma ihtimalim yüksektir. 20 4,94
5-Kesinlikle hedefim. 21 5,19
Yönlendirici (modem) 267 65,93
IP kamera 174 42,96
S9 - $úD÷ÕGDNLFLKD]ODUGDQKDQJLOHUL\OH
Kablosuz bebek monitörü 91 22,47
ELUZHEVLWHVLQHVLEHUVDOGÕUÕ\DSÕODELOLU"
'LMLWDOYLGHRND\ÕWFLKD]Õ '95 86 21,23
(Birden fazla VHoHQH÷L
.DEORVX]\D]ÕFÕ 82 20,25
LúDUHWOH\HELOLUVLQL]
79X]DNWDQNXPDQGDVÕ 28 6,91
Fotoselli lamba 18 4,44
Yönlendirici (modem) 306 75,56
S11 - AúD÷ÕGDNLFLKD]ODUGDQKDQJLOHUL $NÕOOÕWHOHYL]\RQ 295 72,84
VLEHUVDOGÕUÕODUDPDUX]NDODELOLU" IP kamera 279 68,89
%LUGHQID]ODVHoHQH÷L Kablosuz bebek monitörü 183 45,19
LúDUHWOH\HELOLUVLQL] .DEORVX]\D]ÕFÕ 180 44,44
$NÕOOÕEX]GRODEÕ 174 42,96
Mutfak robotu 27 6,67
Elektrikli süpürge 20 4,94

TÜRKøYE BøLøùøM VAKFI BøLGøSAYAR BøLøMLERø ve MÜHENDøSLøöø DERGøSø (2019 Cilt:12 - SayÕ:2) - 7
Çizelge-%LOJL6DKLEL2OPD'H÷LúNHQLQH*|UH %LU VLEHU VDOGÕUÕQÕQ KHGHIL ROPD LKWLPDOLQH GDLU KHU
<DQÕWODUÕQ.DUúÕODúWÕUPDVÕ LNL NDWÕOÕPFÕ JUXEXQ YHUGLNOHUL \DQÕWODU DUDVÕQGD
LVWDWLVWLNVHO DoÕGDQ DQODPOÕ IDUN EXOXQGX÷X WHspit
Bilgi sahibi HGLOPLúWLU%LOJLVDKLELNDWÕOÕPFÕODUGDQNHQGLOHULQLELU
NDWÕOÕPFÕPÕ" VLEHUVDOGÕUÕQÕQKHGHILROPDLKWLPDOLQLoRN\NVHNYH
Evet +D\ÕU NHVLQ RODUDN GH÷HUOHQGLUHQOHULQ RUDQÕ  LNHQ
Soru (%) (%)
GL÷HU NDWÕOÕPFÕODUGD EX RUDQ ¶GLU Ki-Kare
Modem 83,3 62,8
S9 - $úD÷ÕGDNL WHVWLQH WDEL WXWXODQ \DQÕWODUD \|QHOLN LVWDWistiksel
Dijital video
cihazlardan 31,4 19,5 DQDOL]VRQXoODUÕÇizelge-6¶GDVXQXOPXúWXU
ND\ÕWFLKD]Õ
hangileriyle bir
web sitesine
Kablosuz bebek
35,1 20,3 6. 7DUWÕúPD
monitörü
VLEHUVDOGÕUÕ .DWÕOÕPFÕODUÕQ SDUROD VHoHUNHQ ]RU WDKPLQ HGLOHQ YH
IP kamera 53,7 41
\DSÕODELOLU" DNÕOGD NDOÕFÕOÕ÷Õ EXOXQDQ SDURODODUÕ WHUFLK HWPHVL
.DEORVX]\D]ÕFÕ 37 17 bireylerde belirli bir güvenli parola seçim kriterinin
Kablosuz bebek ROXúWX÷XQX J|VWHUPHNWHGLU .DWÕOÕPFÕlar yeni bir
61,1 42,4
monitörü SDUROD EHOLUOHUNHQ NXOODQGÕNODUÕ ELUNDo SDUROD
S11 - $úD÷ÕGDNL
IP kamera 77,7 67,3 LoHULVLQGHQ VHoLP \DSPDNWD YH SDURODODUÕQÕ GL÷HU
cihazlardan VDNODPD \|QWHPOHULQH QD]DUDQ DNÕOGD WXWPD\Õ WHUFLK
$NÕOOÕ79 74 72,5
hangileri siber HWPHNWHGLU .DWÕOÕPFÕODU HYOHULQGHNL \|QOHQGLULFLQLQ
$NÕOOÕEX]GRODEÕ 53,7 41
VDOGÕUÕODUDPDUX] \|QHWLFL SDURODVÕQÕ EDQNDFÕOÕN H-posta ve sosyal
Yönlendirici
kalabilir? 83,3 74,2 PHG\D KHVDS SDURODODUÕQGDQ GDKD |QHPVL]
(modem)
görmektedir.
.DEORVX]\D]ÕFÕ 57,4 42,4
.DWÕOÕPFÕODUNDUDNWHUVD\ÕVÕID]ODYHIDUNOÕ|]QLWHOLNOL
%LOJL VDKLEL NDWÕOÕPFÕODU LOH GL÷HU NDWÕOÕPFÕODUÕQ VDWÕQ NDUDNWHUOHUGHQ ROXúDQ SDURODODUÕQ JYHQOL ROGX÷XQX
DOÕQDQ FLKD]ODUGDNL YDUVD\ÕODQ SDURODODUÕ LON ELOPHNWHGLU $QFDN o \ÕOGÕU oHúLWOL VLEHU VDOGÕUÕODUGD
NXUXOXPGD GH÷LúWLUPH RUDQODUÕ DUDVÕQGD LVWDWLVWLNVHO rolü olan 0LUDL]DUDUOÕ\D]ÕOÕPÕQÕQ ND\QDNNRGODUÕQGD
DoÕGDQ DQODPOÕ IDUN EXOXQGX÷X J|UOPúWU %LOJL NÕUÕODFDNSDURODODUDUDVÕQGDEXOXQDQYHDahua marka
VDKLELNLúLOHULQVDWÕQDOGÕNODUÕPRGHP,3NDPHUDJLEL ELU NÕVÕP ,3 NDPHUDODUÕQ YDUVD\ÕODQ SDURODVÕ ROGX÷X
FLKD]ODUOD ELUOLNWH YHULOHQ YDUVD\ÕODQ SDUROD\Õ LON bilinen ³XM0NRDGPLQ´ VHoHQH÷LQLQ NDWÕOÕPFÕODUÕQ
NXUXOXPGD GH÷LúWLUPH RUDQÕ  LNHQ GL÷HU oR÷XQOX÷X WDUDIÕQGDQ HQ JYHQOL SDUROD RODUDN WHUFLK
NDWÕOÕPFÕODUGDEXRUDQ¶GLU HGLOPHVL NDWÕOÕPFÕODUÕQ 0LUDL WDUDIÕQGDQ KHGHI DOÕQDQ
SDURODNWSKDQHVLQLELOPHGL÷LQLJ|VWHUPHNWHGLU
Güvenli parola seçim sorusunda bilgi sahibi
KDWÕOÕPFÕODU oR÷XQOXNOD VDWÕQ DOGÕNODUÕ ELU FLKD]ÕQ
NDWÕOÕPFÕODULOHGL÷HUNDWÕOÕPFÕODUÕQ³XM0NRDGPLQ´
YDUVD\ÕODQ SDURODVÕQÕ LON NXUXOXPGD GH÷LúWLUPHNWHGLU
YH³6(D\V´VHoHQHNOHULQLWHUFLKHWPHRUDQODUÕQGD DQFDN KHU EHú NDWÕOÕPFÕGDQ LNLVLQLQ VDWÕQ DOGÕNODUÕ
LVWDWLVWLNVHO DoÕGDQ DQODPOÕ ELU IDUNOÕOÕN WHVSLW FLKD]ODUGDNL YDUVD\ÕODQ SDUROD\Õ LON NXUXOXPGD
HGLOPHPLúWLU GH÷LúWLUPHPHVL EX NRQXGD FLGGL ELU ELOLQoVL]OLN
%LOJLVDKLELNDWÕOÕPFÕODUYHGL÷HUNDWÕOÕPFÕODUÕQSDUROD ROGX÷XQX J|VWHUPHNWHGLU .DWÕOÕPFÕODUGD LQWHUQHWH
saklama tercihlerLQLQGD÷ÕOÕPÕQGDLVWDWLVWLNVHODoÕGDQ ED÷OÕ QHVQHOHULQ VLEHU VDOGÕUÕ\D PDUX] NDODELOHFH÷L
DQODPOÕ IDUN ROGX÷X J|UOPú ROXS ELOJL VDKLEL ELOLQFL NÕVPHQ ROXúVD GD EX QHVQHOHUOH VLEHU VDOGÕUÕ
\DSÕODELOHFH÷LELOLQFL\HWHUOLVHYL\HGHGH÷LOGLU
NDWÕOÕPFÕODUÕQ SDURODODUÕQÕ DNÕOGD WXWPD RUDQÕ 
GL÷HU NDWÕOÕPFÕODUÕQ SDURODODUÕQÕ DNÕOGD WXWPD RUDQÕ .DWÕOÕPFÕODUÕQ oR÷XQOX÷X ELU VLEHU VDOGÕUÕ\D KHGHI
¶WU%LOJLVDKLELNDWÕOÕPFÕODUÕQSDUROD\|QHWLP ROPDLKWLPDOLQLQEXOXQPDGÕ÷ÕQÕYH\DEXLKWLPDOLQD]
SURJUDPÕ NXOODQPD RUDQÕ  GL÷HU NDWÕOÕPFÕODUÕQ ROGX÷XQXEHOLUWPLúWLUøVWH÷HED÷OÕEH\DQHGLOHQJ|Uú
SDUROD\|QHWLPSURJUDPÕNXOODQPDRUDQÕ¶WU YH |QHULOHULQ WRSODQGÕ÷Õ VRQ VRUX\D ELU NÕVÕP
NDWÕOÕPFÕODU ³ELU VLEHU VDOGÕUÕQÕQ KHGHIL ROPDN LoLQ
3DUROD VHoLPL NRQXVXQGD ELOJL VDKLEL NDWÕOÕPFÕODUÕQ
LVWLKEDUDW HPQL\HW YE NULWLN ELU ELULPGH oDOÕúÕ\RU
KHU KHVDS LoLQ D\UÕ SDUROD VHoPH RUDQÕQÕQ GL÷HU
ROPDN JHUHNWL÷L´ YH ³VÕUDGDQ NXOODQÕFÕODUÕQ VLEHU
NDWÕOÕPFÕODUD RUDQOD GDKD \NVHN ROGX÷X DQFDN
VDOGÕUÕ\DKHGHIROPDVÕQÕQPPNQROPDGÕ÷Õ´LoHULNOL
\DQÕWODUÕQJHQHOGD÷ÕOÕPÕGLNNDWHDOÕQGÕ÷ÕQGDWHUFLKOHU
\DQÕWODU YHUPLúWLU +HU LNL GXUXP ELUOLNWH
DUDVÕQGD LVWDWLVWLNVHO DoÕGDQ DQODPOÕ ELU IDUN
GH÷HUOHQGLULOGL÷LQGH NDWÕOÕPFÕODUÕQ VÕUDGDQ
EXOXQPDGÕ÷ÕJ|UOPúWU
NXOODQÕFÕODUÕQ ELU VLEHU VDOGÕUÕ\D KHGHI ROPD\DFD÷ÕQD

TÜRKøYE BøLøùøM VAKFI BøLGøSAYAR BøLøMLERø ve MÜHENDøSLøöø DERGøSø (2019 Cilt:12 - SayÕ:2) - 8
 Çizelge-6: %LOJL7HNQRORMLOHULYH6LEHU*YHQOLN$ODQÕQGD(÷LWLPøú'XUXPX'H÷LúNHQLQH*|UH<DQÕWODUÕQ
Ki-.DUH7HVWL6RQXoODUÕ

%LOJLVDKLELNDWÕOÕPFÕPÕ"
Soru

Evet (%) +D\ÕU  Ȥ sd p

S4 - 6DWÕQDOGÕ÷ÕPPRGHP Evet 72,2 57,5
IP kamera vb. cihazlarla
birlikte gelen admin, root vb.
SDUROD\ÕLONNXUXOXPGD 4,207 1 0,04
+D\ÕU 27,8 42,5
GH÷LúWLULULP <DQÕWODU
kategorik olarak yeniden
G]HQOHQPLúWLU
1. Hedef olma ihtimalim
13 17,3
yoktur.
S6 - %LUVLEHUVDOGÕUÕQÕQ
2. +HGHIROPDLKWLPDOLPD]GÕU 31,5 47,6
hedefi olma ihtimalinizi 1-5
3. +HGHIROXSROPDPDLKWLPDOLPD\QÕGÕU 31,5 26,9 16,14 4 0,003
DUDVÕQGDSXDQOD\ÕQÕ]
4. Hedef olma ihtimalim
(5 en yüksek ihtimal) 9,3 4,2
yüksektir.
5. Kesinlikle hedefim. 14,8 4
S13 - 6L]FHDúD÷ÕGDNLOHUGHQ 7ujMko0admin 48,1 47,5
0,42 1 0,838
KDQJLVLHQJYHQOLSDURODGÕU" SEays214. 44,4 46,7
+HSVLD\QÕSDURODGÕU 7,4 6,5
.XOODQGÕ÷ÕPELUNDoSDURODPYDURQODUÕQ
51,9 67,1
S14 - 3DURODODUÕQÕ]ÕQDVÕO DUDVÕQGDQVHoHULP
5,289 3 0,152
seçersiniz? dR÷XQOXNODD\UÕSDURODODUVHoHULP
14,8 10,5
QDGLUHQEXQODUELUELULQLQD\QÕRODELOLU
+HUKHVDSLoLQD\UÕSDURODVHoHULP 25,9 15,9
.k÷ÕGDSRVW-it'e vb. fiziksel bir ortama
9,4 6,8
\D]DUÕP
%LOJLVD\DUÕPGDFHSWHOHIRQXPGD
11,3 12,5
S15 - 3DURODODUÕQÕ]Õ bir dosya üzerine kaydederim.
oR÷XQOXNODQDVÕOVDNODPD\Õ :HEWDUD\ÕFÕPDKDWÕUODPDVÕLoLQ 14,32 4 0,006
3,8 5,1
tercih edersiniz? kaydederim.
$NOÕPGDWXWDUÕP 58,5 71,3
3DUROD\|QHWLPSURJUDPÕNXOODQÕUÕPYH
17 4,3
ona kaydederim.

GDLUDOJÕODUÕQÕQEXOXQGX÷XVRQXFXQDYDUÕOPÕúWÕUøOHUL .DWÕOÕPFÕODUÕQ oR÷XQOX÷X ELOJLVD\DUODUÕQGD LúOHWLP

G]H\ NDOÕFÕ WHKGLW VDOGÕUÕODUÕ DGYDQFH SHUVLVWHQW
threat - $37  V|] NRQXVX ROGX÷XQGD EX DOJÕ NDEXO
edilebilir olsa dahi nesnelerin internetini etkileyen
]DUDUOÕ \D]ÕOÕPODU DoÕVÕQGDQ HOH DOÕQGÕ÷ÕQGD  EX
DOJÕQÕQJHoHUOLROPDGÕ÷ÕGH÷HUOHQGLULOPHNWHGLU
%LOJLWHNQRORMLOHULYH\DVLEHUJYHOLNDODQÕQGDH÷LWLP
DODQ \DKXW oDOÕúDQ NLúLOHU GL÷HU NDWÕOÕPFÕODUD NÕ\DVOD
nesnelerin internetinin güvenOL÷L NRQXVXQGD GDKD
ELOLQoOL YH WHPNLQOLGLU DQFDN EX NLúLOHUFH
³XM0NRDGPLQ´ VHoHQH÷LQLQ JYHQOL SDUROD RODUDN
VHoLOPLú ROPDVÕ 0LUDL ]DUDUOÕ \D]ÕOÕPÕ WDUDIÕQGDQ
KHGHI DOÕQDQ SDUROD NWSKDQHVLQLQ \HWHULQFH
ELOLQPHGL÷LQLJ|VWHUPHNWHGLU
VLVWHPL RODUDN :LQGRZV GD÷ÕWÕPODUÕQÕ ZHE WDUD\ÕFÕ
RODUDN *RRJOH &KURPH X\JXODPDVÕQÕ WHUFLK
HWPHNWHGLU$÷D ED÷OÕQHVQHOHULQ YDUVD\ÕODQ SDURODODU
YH\D NROD\ SDURODODU LOH NXOODQÕPÕQÕ HQJHOOH\HFHN
o|]POHULQ WDVDUÕPÕQGD EX oDOÕúPDGD WHVSLW HGLOHQ
WHUFLK YHH÷LOLPOHULQ J|]|QQGHEXOXQGXUXOPDVÕV|]
NRQXVX o|]POHULQ HULúLOHELOLUOL÷LQL
NXOODQÕODELOLUOL÷LQLYHHWNLQOL÷LQLDUWWÕUDFDNWÕU
7. Sonuç
0LUDL ]DUDUOÕ \D]ÕOÕPÕ X]XQ ELU VUHGLU JYHQOLN
X]PDQODUÕ WDUDIÕQGDQ ELOLQPHNWHGLU Güvenlik

TÜRKøYE BøLøùøM VAKFI BøLGøSAYAR BøLøMLERø ve MÜHENDøSLøöø DERGøSø (2019 Cilt:12 - SayÕ:2) - 9
X]PDQODUÕWDUDIÕQGDQQHVQHOHULQLQWHUQHWLFLKD]ODUÕQGD
YDUVD\ÕODQ RWXUXP DoPD ELOJLOHULQLQ NXOODQÕPÕQÕQ
VRQD HUGL÷L \DQÕOJÕVÕQD NDSÕODELOLU $QFDN EX
DUDúWÕUPD J|VWHUPLúWLU NL KDOHQ ONHPL]GHNL KHU EHú
NXOODQÕFÕGDQ LNLVL FLKD]ODUÕQÕQ LON NXUXOXPXnda
YDUVD\ÕODQ SDUROD\Õ GH÷LúWLUPHPHNWHGLU 8]PDQODU
WDUDIÕQGDQ \DSÕODQ DUDúWÕUPDODU QHWLFHVLQGH HOGH
HGLOHQ ELOJLOHULQ Xo NXOODQÕFÕODUD EX NXOODQÕFÕODUÕQ
DQOD\DFD÷Õ VHYL\HGH DNWDUÕPÕ YH NXOODQÕFÕODUGDNL
IDUNÕQGDOÕN VHYL\HVLQLQ DU]X HGLOHQ G]H\H
oÕNDUÕOPDVÕ KXVXVXQGD HNVLNOLNOHU EXOXQGX÷X DoÕNWÕU
%X HNVLNOLNOHULQ KÕ]OÕ YH JHoLFL \|QWHPOHUOH
JLGHULOPHVLQL EHNOHPHN JHUoHNoL ELU \DNODúÕP
ROPD\DFDNWÕU hONHPL]GH LON|÷UHWLP oD÷ÕQGDQ
LWLEDUHQ ELUH\OHUH WHPHO ELOLúLP H÷LWLPL YHULOPHNWH
NDPX NXUXPODUÕ YH |]HO VHNW|UGH oDOÕúDQODUD ELOJL
JYHQOL÷LIDUNÕQGDOÕNH÷LWLPOHULYHULOPHNWHGLU8OXVDO
VLEHU JYHQOLN H\OHP SODQÕQD HNOHQHFHN KXVXVODU YH
RUWD\D NRQDFDN  ELU LUDGH LOH LON|÷UHWLPGHQ LWLEDUHQ
ELOJL JYHQOL÷L IDUNÕQGDOÕN H÷LWLPOHUL YHULOPHOL YH
nesnelerin internetLQLQ JYHQOL÷L NRQXVX EX H÷LWLP
NDSVDPÕQda ele DOÕQPDOÕGÕU
1HVQHOHULQ LQWHUQHWL FLKD]ODUÕQÕQ WDVDUÕPÕQGDQ
kaynaklanan zafiyetlerin önlenmesi konusunda
standartlar ve belgelendirme süreçleri büyük rol
R\QDPDNWDGÕU
øQWHUQHWH ED÷OÕ QHVQHOHULQ JYHQOLN DODQÕQGD WHVW YH
VHUWLILNDV\RQXQ VD÷ODQPDVÕ DPDFÕ\OD \HGL D\UÕ
GH÷HUOHQGLUPH VHYL\HVLQGHQ ROXúDQ ,62,(& 
Ortak Kriterler Belgelendirmesi sürecinden
ID\GDODQÕOPDVÕ \D\JÕQ ELU X\JXODPD ROVD GDKL EX
VUHFLQ X]XQOX÷X KDUFDQDQ HIRU YH PDOL\HWOHULQ
üreticilerHJHWLUGL÷L\NHOHúWLULOPHNWHGLU>4@$NÕOOÕ
bir televizyonun ISO/IEC 15408 Ortak Kriterler
%HOJHOHQGLUPHVL NDSVDPÕQGD |QFHGHQ EHOLUOHQPLú
JYHQOLN NULWHUOHULQH X\JXQOX÷XQXQ LNLQFL GHUHFH
GH÷HUOHQGLUPHVHYL\HVLQGH ($/ WHVWHGLOPHVLG|UW
D\ VUPúWU [35]. ISO/IEC 15408 Ortak Kriterler
Belgelendirmesi sürecinin ikinci derece
GH÷HUOHQGLUPH VHYL\HVLQLQ ($/  PLOOL NDUúÕOÕ÷Õ
RODUDN 7UN 6WDQGDUWODUÕ (QVWLWV WDUDIÕQGDQ
JHOLúWLULOHQ76(.7HPHO6HYL\H%HOJHOHQGLUPHVL
sürecinde daha az maliyetle ve dahD NÕVD VUHGH
ELOLúLP WHNQRORMLOHUL UQOHULQLQ WHVW YH
EHOJHOHQGLUPHVLQLQ WDPDPODQDFD÷Õ |QJ|UOPHNWHGLU
[36]. $%' YH øQJLOWHUH¶GHNL \DVDO G]HQOHPHOHULQ
ONHPL]HGHX\DUODQDUDNONHPL]SD]DUÕQDDU]HGLOHQ
D÷ HULúLP \HWHQHNOL QHVQHOHULQ KHU ELU QHVQH LoLQ
IDUNOÕ YDUVD\ÕODQ SDUROD LOH VDWÕúÕQÕQ ]RUXQOX KDOH
getirilmesi ve bu nesnelerin ETSI TS 103 645
“Cyber Security for Consumer Internet of Things”
WDUDIÕQGDQ WHVSLW HGLOHQ JYHQOLN NULWHUOHUL GLNNDWH
TÜRKøYE BøLøùøM VAKFI BøLGøSAYAR BøLøMLERø ve MÜHENDøSLøöø DERGøSø (2019 Cilt:12 - SayÕ:2) - 10
DOÕQDUDN 76(.  7HPHO 6HYL\H *YHQOLN
Belgelendirmesi VUHFLQH WDEL WXWXOPDVÕ ONHPL]
dahilindeki nesnelerin interneti ekosisteminin
JYHQOL÷LQLDUWWÕUDFDNWÕU
Kaynakça
[1] A. Dulaunoy, G. Wagener, and S. Mokaddem, “An
extended analysis of an IoT malware from a
blackhole network,” in TNC17 Networking
Conference, Linz, Austria, 2017, p. 42.
[2] “Internet of things at a glance,” Cisco, 2016.
[Online]. Available:
https://www.cisco.com/c/dam/en/us/products/collater
al/se/internet-of-things/at-a-glance-c45-731471.pdf.
[Accessed: 06-May-2019].
[3] “OWASP Internet of Things Project,” OWASP.
[Online]. Available:
https://www.owasp.org/index.php/OWASP_Internet
_of_Things_Project #tab=IoT_Top_10. [Accessed:
03-May-2019].
[4] R. Hallman, J. Bryan, G. Palavicini, J. Divita, and J.
Romero-Mariona, “IoDDoS - The Internet of
distributed denial of sevice attacks - a case study of
the Mirai malware and IoT-based botnets,” in
Proceedings of the 2nd International Conference on
Internet of Things, Big Data and Security, Porto,
Portugal, 2017, pp. 47–58.
[5] J. Margolis, T. T. Oh, S. Jadhav, Y. H. Kim and J. N.
Kim, "An In-Depth Analysis of the Mirai
Botnet," 2017 International Conference on Software
Security and Assurance (ICSSA), Altoona, PA, USA,
2017, pp. 6-12.
[6] S. Hilton, “Dyn analysis summary of friday October
21 attack,” Dyn Blog, 26-Oct-2016. [Online].
Available: https://dyn.com/blog/dyn-analysis-
summary-of-friday-october-21-attack/. [Accessed:
05-May-2019].
[7] ”jgamblin/Mirai-Source-Code,” GitHub, 25-Oct-
2016. [Online].
Available:https://github.com/jgamblin/MiraiSourceC
ode/tree/master/mirai. [Accessed: 01-May-2019].
[8] I. Zeifman, B. Herzberg, D. Bekerman, “Breaking
down mirai: an IoT DDoS botnet analysis,” Imperva,
26-Oct-2016. [Online]. Available:
https://www.imperva.com/blog/malwareanalysis-
mirai-ddos-botnet.html. [Accessed: 07-May-2019].
[9] Y. Xu, H. Koide, D. V. Vargas and K. Sakurai,
"Tracing Mirai malware in networked system,"
in 2018 Sixth International Symposium on
Computing and Networking Workshops
(CANDARW), Takayama, Japan, 2018, pp. 534-538.
[10] + 6LQDQRYLü DQG 6 0UGRYLF $QDO\VLV RI 0LUDL
malicious software," in 2017 25th International
Conference on Software, Telecommunications and
Computer Networks (SoftCOM), Split, 2017, pp. 1-5.
[11] T. S. Gopal, M. Meerolla, G. Jyostna, P. Reddy
Lakshmi Eswari and E. Magesh, "Mitigating Mirai
malware spreading in IoT environment," in 2018
International Conference on Advances in
Computing, Communications and Informatics
(ICACCI), Bangalore, Karnataka, India, 2018, pp.
2226-2230.
[12] L. Labrovic, “The new Okiru mirai botnet, spectre is
slowing down ecommerce websites and more in this
weeks news,” GlobalDots, 19-Jan-2018. [Online].
Available: https://www.globaldots .com/new-okiru-
mirai-botnet-spectre-slowing-ecommerce-websites-
weeks-news/. [Accessed: 08-May-2019].
[13] G. Kambourakis, C. Kolias and A. Stavrou, "The
Mirai botnet and the IoT zombie armies,"
in MILCOM 2017 - 2017 IEEE Military
Communications Conference, Baltimore, MD, USA,
2017, pp. 267-272.
[14] “Hacker creates seven new variants of the Mirai
botnet,” AvastBlog, 25-Oct-2018. [Online].
Available: https://blog.avast.com/hacker-creates-
seven-new-variants-of-the-mirai-botnet. [Accessed:
06-May-2019].
[15] C. Kolias, G. Kambourakis, A. Stavrou, and J. Voas,
“DDoS in the IoT: Mirai and other
botnets,” Computer, vol. 50, no. 7, pp. 80–84, 2017.
[16] Y. Ji, L. Yao, S. Liu, H. Yao, Q. Ye and R. Wang,
"The study on the botnet and its prevention policies
in the internet of things," in 2018 IEEE 22nd
International Conference on Computer Supported
Cooperative Work in Design (CSCWD), Nanjing,
2018, pp. 837-842.
[17] M. Antonakakis et al. “Understanding the mirai
botnet”, in Proceedings of the 26th USENIX
Conference on Security Symposium, 2017,
Vancouver, BC, Canada; pp. 1093-1110.
[18] “Nokia threat intelligence report – 2019,” [Online].
Available:
https://onestore.nokia.com/asset/205835?did=d00000
00016z&utm_campaign=threatintelligence18&utm_s
ource=marketo&utm_medium=LandingPage&utm_c
ontent=report&utm_term=awareness. [Accessed: 02-
May-2019].
[19] R. Nigam, “New Mirai variant targets enterprise
wireless presentation & display systems,” Unit42,
01-Apr-2019. [Online]. Available:
https://unit42.paloaltonetworks.com/new-mirai-
TÜRKøYE BøLøùøM VAKFI BøLGøSAYAR BøLøMLERø ve MÜHENDøSLøöø DERGøSø (2019 Cilt:12 - SayÕ:2) - 11
variant-targets-enterprise-wireless-presentation-
display-systems/. [Accessed: 06-May-2019].
[20] K. W. Chang, “Mirai is still alive and using multiple
old exploits on home routers,” Ixia. 15-Apr-2019.
[Online]. Available:
https://www.ixiacom.com/company/blog/mirai-still-
alive-and-using-multiple-old-exploits-home-routers.
[Accessed: 03-May-2019].
[21] 067RN ³1HVQHOHULQ øQWHUQHWLQGH %RWQHWOHU´
Yüksek Lisans Tezi, TOBB Ekonomi ve Teknoloji
Üniversitesi, A÷XVWRV
[22] USCERT, “Heightened ddos threat posed by Mirai
and other botnets”, Alert TA16-288A, 14-Oct-2016
(revised 30-Oct-2017). [Online]. Available: www.us-
cert.gov/ncas/alerts/TA16-288A. [Accessed: 02-
May-2019].
[23] “SB-327 Information privacy: connected
devices”, Senate Bill No.327, 28-Sep-2018. [Online].
Available: https://leginfo.
legislature.ca.gov/faces/billNavClient.xhtml?bill_id=
201720180SB327. [Accessed: 05-May-2019].
[24] “Code of practice for consumer IOT
security,” Secure by Design, 28-Feb-2019. [Online].
Available: https://www.gov.uk/government/
publications/secure-by-design/code-of-practice-for-
consumer-iot-security. [Accessed: 06-May-2019].
[25] ETSI TS 103 645 (2019). CYBER; Cyber Security
for Consumer Internet of Things, European
Telecommunications Standards Institute, Sophia-
Antipolis, France.
[26] “Our Increasingly Connected Lives: Survey
conducted by ESET in collaboration with the
National Cyber Security Alliance,” 24-Oct-2016.
[Online]. Available:
https://cdn3.esetstatic.com/eset/US/
resources/press/ESET_ConnectedLives-
DataSummary.pdf. [Accessed: 01-May-2019].
[27] M. Ghiglieri, M. Volkamer, and K. Renaud,
“Exploring consumers’ attitudes of smart tv related
privacy risks,” in International Conference on
Human Aspects of Information Security, Privacy and
Trust Lecture Notes in Computer Science (HAS
2017), Vancouver, Canada, 2017, pp. 656–674.
[28] C. Mcdermott, J. Isaacs, and A. Petrovski,
“Evaluating awareness and perception of botnet
activity within consumer internet-of-things (IoT)
networks,” Informatics, vol. 6, no. 1, p. 8, 2019.
[29] T. Talan, C. Aktürk, A. Korkmaz, S. Gülseçen,
³hQLYHUVLWH|÷UHQFLOHULQLQDNÕOOÕWHOHIRQNXOODQÕPÕQGD
JYHQOLNIDUNÕQGDOÕ÷Õ´Istanbul Journal of Open and
Distance Education, vol. 1, no. 2, pp. 61-75, 2016.
[30] g( $NJQ 0 7RSDO ³(÷LWLP IDNOWHVL VRQ VÕQÕI
|÷UHQFLOHULQLQ ELOLúLP JYHQOL÷L IDUNÕQGDOÕNODUÕ
6DNDU\D hQLYHUVLWHVL (÷LWLP )DNOWHVL |UQH÷L´
6DNDU\D hQLYHUVLWHVL (÷LWLP )DNOWHVL 'HUJLVL, vol.
5, no. 2, pp. 98-121, 2015.
[31] 0 7HNHUHN $ 7HNHUHN ³g÷UHQFLOHULQ ELOJL
JYHQOL÷LIDUNÕQGDOÕ÷Ձ]HULQHELUDUDúWÕUPD´Turkish
Journal of Education, vol. 2, no. 3, pp. 61-70, 2013.
[32] “Digital in 2018 in Western Asia Part 1 - North-
West”, 29-Jan-2018. [Online]. Available:
https://www.slideshare.net/wearesocial/digital-in-
2018-in-western-asia-part-1-northwest-86865983.
[Accessed: 07-May-2019].
[33] A. Houston, The survey handbook, Washington, DC:
Department of the Navy Total Quality Leadership
Office, 1997. [Online]. Available:
TÜRKøYE BøLøùøM VAKFI BøLGøSAYAR BøLøMLERø ve MÜHENDøSLøöø DERGøSø (2019 Cilt:12 - SayÕ:2) - 12
http://unpan1.un.org/intradoc/groups/public/docume
nts /aspa/unpan002507.pdf [Accessed: 01-May-
2019].
[34] G. Baldini, A. Skarmeta, E. Fourneret, R. Neisse, B.
Legeard and F. Le Gall, "Security certification and
labelling in internet of things," in 2016 IEEE 3rd
World Forum on Internet of Things (WF-IoT),
Reston, VA, 2016, pp. 627-632.
[35] S. Kang and S. Kim, “How to obtain common
criteria certification of smart TV for home IoT
security and reliability,” Symmetry, vol. 9, no. 10, p.
233, 2017.
[36] “Temel seviye güvenlik belgelendirmesi”, TSE.
[Online]. Available:
https://www.tse.org.tr/IcerikDetay?ID=2061&Parent
ID=3312. [Accessed: 02-May-2019].