July 22, 2025 at 8:07 PM • Max Knyazev is typing… • Telegram mirror
Imagine that you are about to introduce a new IoT device into your corporate network. It's beautiful, it's functional, it's all "smart". But the question is: are you sure that it will not become a Trojan horse?
🐎
In the article "Towards Weaknesses and Attack Patterns Prediction for IoT Devices", UNSW researchers propose a platform that uses Bi-LSTM and GBM to predict weaknesses in IoT devices and possible attack patterns before deployment. Yes, without physical access. Yes, using only text from public databases. Yes, with 77% accuracy on weaknesses and 99.4% on attack patterns. And all this on the basis of a carefully assembled dataset, accessible to everyone.
It’s nice to see that the authors approached the problem systematically: they didn’t forget to add CVE, CWE, CAPEC, and even ZoomEye here. A decent amount of data was collected, and the architecture was tested with transformers and RNNs. As a result, it turned out that the good old Bi-LSTM, with due diligence (I mean, 1000 epochs), gives stable predictions no worse than fashionable transformers.
😮
Now my opinion: the idea is cool. I especially like the attempt to go beyond the classic “set up a scanner - get a report.” It’s as if the antivirus started saying not “you have a virus”, but “you will soon have a virus, and here’s where”
But...
There is always this “but”, right?
😏
First, such models are highly dependent on the quality of the data. And in the world of IoT, it’s a pain. The devices are cheap, the firmware is unclear, and the vendors are silent. The problem is not with the algorithms, but with the “garbage input”. Cool architecture won't save you if the data is of poor quality
Secondly, they still predict based on text, not binaries. This is important. The vulnerability may be hidden in the specific implementation, and not in the description. And not all CVEs actually say anything about real weaknesses
💯
And finally, the question is: how ready are vendors to use such predictive tools before release? Because judging by reality, even patches for critical holes take months to roll out (and sometimes not at all - hello, Airoha). So we can hardly hope that tomorrow vendors will rush to train Bi-LSTM on their firmware.
But from a research point of view, the work is excellent. If you are in academia or developing your own tools for evaluating IoT devices, be sure to look at the dataset and code at the link above. Maybe this is what you will need in your next fuzzer or attack simulator
🤝
#information_security
#internet_things