Sec-IoT : Detection of Vulnerabilities in IoT Devices Using NER-Based Approach

Abstract

"In recent years, IoT (Internet of Things) gadgets have surged in popularity but with that popularity has come increased concern about their security. These gadgets frequently lack adequate security safeguards and are thus prone to assaults such as hacking, malware, and data breaches. Attackers can utilize these flaws to get access to sensitive information, seize control of the devices, or use them as a gateway to other systems. It is critical to periodically examine and monitor IoT devices for vulnerabilities to detect and prevent these types of assaults. Penetration testing, vulnerability scanning, and network monitoring are all methods for accomplishing this. Furthermore, it is critical to keep IoT devices' software and firmware up to date to safeguard them from newly identified vulnerabilities. The current study sought a better solution for detecting vulnerabilities in IoT devices. To do this, existing vulnerability detection approaches were thoroughly reviewed and analyzed. Based on their findings, the researchers decided to concentrate their efforts on vulnerability detection using CVE (Common Vulnerabilities and Exposures) , device classification and IoT device identification. To implement the classification and IoT device identification, the researcher uses custom NER model developed using Spacy . And testing was able to achieve accuracy of 76%. Due to the elimination of the iterative communication overhead, the system became more effective and quicker as a result. Additionally, the crowd source active learning method is used to advance the research."