University of Twente Student Theses

Login
As of Friday, 8 August 2025, the current Student Theses repository is no longer available for thesis uploads. A new Student Theses repository will be available starting Friday, 15 August 2025.

Classifying IoT-Related Vulnerabilities in the CVE Dataset Using Large Language Models

Beld, T.P. (2025) Classifying IoT-Related Vulnerabilities in the CVE Dataset Using Large Language Models.

[img] PDF
1MB
Abstract:The Internet of Things (IoT) continues to expand rapidly. Meanwhile, vulnerabilities in IoT systems have become increasingly prevalent. Despite this, the Common Vulnerabilities and Exposures (CVE) database, a key resource in cybersecurity, does not explicitly indicate whether a vulnerability is related to IoT. Previous studies primarily rely on keyword-based searches and manual review to identify IoT-related vulnerabilities, which is time-consuming and may fail to capture more nuanced cases. In this paper, we assess the effectiveness of large language models (LLMs) in classifying CVEs as IoT-related or not and compare their performance against fine-tuned Natural Language Processing (NLP) based classifiers. We then investigate which specific components of a CVE entry, such as the description or affected items, contribute most significantly to the classification decision, providing insights into the internal decision-making process of the LLMs. Our goal is to go beyond simple keyword detection, reduce manual work, and expand the current datasets of IoT vulnerabilities. Results show that LLMs have high potential in automatically classifying CVEs with an accuracy of 92% without any fine-tuning or the need for labeled training data. It significantly reduces the manual effort required for processing such large vulnerability datasets and offers researchers and security professionals a powerful tool for enhancing IoT security.
Item Type:Essay (Bachelor)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:01 general works, 54 computer science
Programme:Computer Science BSc (56964)
Link to this item:https://purl.utwente.nl/essays/107440
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page