Effectiveness of Transformer Models on IoT Security Detection in StackOverflow Discussions

• URL: http://arxiv.org/abs/2207.14542v1
• Date: Fri, 29 Jul 2022 08:18:03 GMT
• Title: Effectiveness of Transformer Models on IoT Security Detection in StackOverflow Discussions
• Authors: Nibir Chandra Mandal, G. M. Shahariar, and Md. Tanvir Rouf Shawon
• Abstract summary: "IoT Security dataset" is a domain-specific dataset of 7147 samples focused solely on IoT security discussions. We found that IoT security discussions are different and more complex than traditional security discussions.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: The Internet of Things (IoT) is an emerging concept that directly links to the billions of physical items, or "things", that are connected to the Internet and are all gathering and exchanging information between devices and systems. However, IoT devices were not built with security in mind, which might lead to security vulnerabilities in a multi-device system. Traditionally, we investigated IoT issues by polling IoT developers and specialists. This technique, however, is not scalable since surveying all IoT developers is not feasible. Another way to look into IoT issues is to look at IoT developer discussions on major online development forums like Stack Overflow (SO). However, finding discussions that are relevant to IoT issues is challenging since they are frequently not categorized with IoT-related terms. In this paper, we present the "IoT Security Dataset", a domain-specific dataset of 7147 samples focused solely on IoT security discussions. As there are no automated tools to label these samples, we manually labeled them. We further employed multiple transformer models to automatically detect security discussions. Through rigorous investigations, we found that IoT security discussions are different and more complex than traditional security discussions. We demonstrated a considerable performance loss (up to 44%) of transformer models on cross-domain datasets when we transferred knowledge from a general-purpose dataset "Opiner", supporting our claim. Thus, we built a domain-specific IoT security detector with an F1-Score of 0.69. We have made the dataset public in the hope that developers would learn more about the security discussion and vendors would enhance their concerns about product security.

Related papers

• IoT-LM: Large Multisensory Language Models for the Internet of Things [70.74131118309967]
  IoT ecosystem provides rich source of real-world modalities such as motion, thermal, geolocation, imaging, depth, sensors, and audio. Machine learning presents a rich opportunity to automatically process IoT data at scale. We introduce IoT-LM, an open-source large multisensory language model tailored for the IoT ecosystem.
  arXiv  Detail & Related papers  (2024-07-13T08:20:37Z)
• Classification of cyber attacks on IoT and ubiquitous computing devices [49.1574468325115]
  This paper provides a classification of IoT malware. Major targets and used exploits for attacks are identified and referred to the specific malware. The majority of current IoT attacks continue to be of comparably low effort and level of sophistication and could be mitigated by existing technical measures.
  arXiv  Detail & Related papers  (2023-12-01T16:10:43Z)
• A Survey of the Security Challenges and Requirements for IoT Operating Systems [0.0]
  The Internet of Things (IoT) is becoming an integral part of our modern lives as we converge towards a world surrounded by ubiquitous connectivity. The inherent complexity presented by the vast IoT ecosystem ends up in an insufficient understanding of individual system components and their interactions. There is a need for a unifying operating system (OS) that can act as a cornerstone regulating the development of stable and secure solutions.
  arXiv  Detail & Related papers  (2023-10-27T19:19:07Z)
• IoTScent: Enhancing Forensic Capabilities in Internet of Things Gateways [45.44831696628473]
  This paper presents IoTScent, an open-source forensic tool that enables IoT gateways and Home Automation platforms to perform IoT traffic capture and analysis. IoTScent is specifically designed to operate over IEEE5.4-based traffic, which is the basis for many IoT-specific protocols such as Zigbee, 6LoWPAN and Thread. This work provides a comprehensive description of the IoTScent tool, including a practical use case that demonstrates the use of the tool to perform device identification from Zigbee traffic.
  arXiv  Detail & Related papers  (2023-10-05T09:10:05Z)
• SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices [67.65883495888258]
  We present SyzTrust, the first state-aware fuzzing framework for vetting the security of resource-limited Trusted OSes. SyzTrust adopts a hardware-assisted framework to enable fuzzing Trusted OSes directly on IoT devices. We evaluate SyzTrust on Trusted OSes from three major vendors: Samsung, Tsinglink Cloud, and Ali Cloud.
  arXiv  Detail & Related papers  (2023-09-26T08:11:38Z)
• Towards Artificial General Intelligence (AGI) in the Internet of Things (IoT): Opportunities and Challenges [55.82853124625841]
  Artificial General Intelligence (AGI) possesses the capacity to comprehend, learn, and execute tasks with human cognitive abilities. This research embarks on an exploration of the opportunities and challenges towards achieving AGI in the context of the Internet of Things. The application spectrum for AGI-infused IoT is broad, encompassing domains ranging from smart grids, residential environments, manufacturing, and transportation to environmental monitoring, agriculture, healthcare, and education.
  arXiv  Detail & Related papers  (2023-09-14T05:43:36Z)
• Caveat (IoT) Emptor: Towards Transparency of IoT Device Presence (Full Version) [12.842258850026878]
  Hidden IoT devices can snoop (via sensing) on nearby unsuspecting users, and impact the environment where unaware users are present, via actuation. This paper constructs a privacy-agileuation RootofTrust architecture for devices, called PAISA. It guarantees timely and secure announcements about IoT devices' presence and their capabilities.
  arXiv  Detail & Related papers  (2023-09-07T09:08:31Z)
• Navigating the IoT landscape: Unraveling forensics, security issues, applications, research challenges, and future [6.422895251217666]
  This paper reviews forensic and security issues associated with IoT in different fields. Most IoT devices are vulnerable to attacks due to a lack of standardized security measures. To fulfil the security-conscious needs of consumers, IoT can be used to develop a smart home system.
  arXiv  Detail & Related papers  (2023-09-06T04:41:48Z)
• HoneyIoT: Adaptive High-Interaction Honeypot for IoT Devices Through Reinforcement Learning [10.186372780116631]
  We develop an adaptive high-interaction honeypot for IoT devices, called HoneyIoT. We first build a real device based attack trace collection system to learn how attackers interact with IoT devices. We then model the attack behavior through markov decision process and leverage reinforcement learning techniques to learn the best responses to engage attackers.
  arXiv  Detail & Related papers  (2023-05-10T19:43:20Z)
• An Empirical Study of IoT Security Aspects at Sentence-Level in Developer Textual Discussions [0.8029049649310213]
  We develop a model that can automatically find security-related IoT discussions in Stack Overflow. We study the model output to learn about IoT developer security-related challenges.
  arXiv  Detail & Related papers  (2022-06-07T07:54:35Z)
• Smart Home, security concerns of IoT [91.3755431537592]
  The IoT (Internet of Things) has become widely popular in the domestic environments. People are renewing their homes into smart homes; however, the privacy concerns of owning many Internet connected devices with always-on environmental sensors remain insufficiently addressed. Default and weak passwords, cheap materials and hardware, and unencrypted communication are identified as the principal threats and vulnerabilities of IoT devices.
  arXiv  Detail & Related papers  (2020-07-06T10:36:11Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.