University of Twente Student Theses
As of Friday, 8 August 2025, the current Student Theses repository is no longer available for thesis uploads. A new Student Theses repository will be available starting Friday, 15 August 2025.
Classifying IoT-Related Vulnerabilities in the CVE Dataset Using Large Language Models
Beld, T.P. (2025) Classifying IoT-Related Vulnerabilities in the CVE Dataset Using Large Language Models.
|
PDF
1MB |
| Abstract: | The Internet of Things (IoT) continues to expand rapidly. Meanwhile, vulnerabilities in IoT systems have become increasingly prevalent. Despite this, the Common Vulnerabilities and Exposures (CVE) database, a key resource in cybersecurity, does not explicitly indicate whether a vulnerability is related to IoT. Previous studies primarily rely on keyword-based searches and manual review to identify IoT-related vulnerabilities, which is time-consuming and may fail to capture more nuanced cases. In this paper, we assess the effectiveness of large language models (LLMs) in classifying CVEs as IoT-related or not and compare their performance against fine-tuned Natural Language Processing (NLP) based classifiers. We then investigate which specific components of a CVE entry, such as the description or affected items, contribute most significantly to the classification decision, providing insights into the internal decision-making process of the LLMs. Our goal is to go beyond simple keyword detection, reduce manual work, and expand the current datasets of IoT vulnerabilities. Results show that LLMs have high potential in automatically classifying CVEs with an accuracy of 92% without any fine-tuning or the need for labeled training data. It significantly reduces the manual effort required for processing such large vulnerability datasets and offers researchers and security professionals a powerful tool for enhancing IoT security. |
| Item Type: | Essay (Bachelor) |
| Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
| Subject: | 01 general works, 54 computer science |
| Programme: | Computer Science BSc (56964) |
| Link to this item: | https://purl.utwente.nl/essays/107440 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page