A Real-Time IoT Vulnerability Detection Framework with Hybrid Discovery and CVE Correlation

Shubham Minhass; Ritu Chauhan; Harleen Kaur

doi:10.48084/etasr.16423

Authors

Shubham Minhass Amity Institute of Information Technology, Amity University Noida, India
Ritu Chauhan Artificial Intelligence and IoT Lab, Centre for Computational Biology and Bioinformatics, Amity University, Noida, UP, India
Harleen Kaur Department of Computer Science and Engineering, Jamia Hamdard, Delhi, India

Volume: 16 | Issue: 2 | Pages: 33310-33317 | April 2026 | https://doi.org/10.48084/etasr.16423

Received: 21 November 2025 | Revised: 11 December 2025 | Accepted: 21 January 2026 | Online: 4 April 2026

Corresponding author: Ritu Chauhan

Abstract

The rapid growth of the Internet of Things (IoT) has expanded connectivity across smart homes, companies, and industries. However, these networks have become increasingly vulnerable to cyber threats. Due to the variety of protocols used, proprietary firmware, and unpredictable device behavior, vulnerability scanners such as Nmap, Nessus, and OpenVAS are often less effective at detecting IoT-specific vulnerabilities. To address these issues, this paper proposes a Real-Time IoT Vulnerability Scanner Framework that connects to the Common Vulnerabilities and Exposures (CVE) database to standardize threat correlation, perform hybrid vulnerability verification, and automatically identify connected devices. Once devices across various protocols are discovered through a hybrid approach that combines active probing and passive packet sniffing, the framework matches firmware and service banners with known vulnerabilities in the National Vulnerability Database (NVD) using a fuzzy CVE matching algorithm. An interactive dashboard displays vulnerability timelines, Common Vulnerability Scoring System (CVSS)-based severity ratings, and current device inventories. The system was tested and demonstrated to outperform existing tools in an experimental setup comprising more than 600 IoT and non-IoT devices. It achieved a precision of 0.94, a recall of 0.91, an F1-score of 0.92, and covered approximately 88% of vulnerabilities, with an average scan time of 1.4 s per device. These results demonstrate that the system offers high accuracy, low latency, and scalability for real-time IoT vulnerability monitoring.

Keywords:

IoT security, CVE integration, real-time monitoring, dashboard analytics

Downloads

Download data is not yet available.

References

I. Sharafaldin, A. H. Lashkari, S. Hakak, and A. A. Ghorbani, "Developing Realistic Distributed Denial of Service (DDoS) Attack Dataset and Taxonomy," in 2019 International Carnahan Conference on Security Technology, Chennai, India, 2019, pp. 1–8. DOI: https://doi.org/10.1109/CCST.2019.8888419

Lalhriatpuii, Ruchi, and V. Wasson, "Comprehensive Exploration of IoT Communication Protocol: CoAP, MQTT, HTTP, LoRaWAN and AMQP," in First International Conference on Machine Learning Algorithms, Himachal Pradesh, India, 2024, pp. 261–274. DOI: https://doi.org/10.1007/978-3-031-75861-4_23

D. He et al., "Toward Hybrid Static-Dynamic Detection of Vulnerabilities in IoT Firmware," IEEE Network, vol. 35, no. 2, pp. 202–207, Mar. 2021. DOI: https://doi.org/10.1109/MNET.011.2000450

X. Fang, K. He, Y. Wu, R. Chen, and J. Zhao, "Balancing Accuracy and Efficiency in Vehicular Network Firmware Vulnerability Detection: A Fuzzy Matching Framework with Standardized Data Serialization," Informatics, vol. 12, no. 3, July 2025, Art. no. 67. DOI: https://doi.org/10.3390/informatics12030067

M. Anwer, S. M. Khan, M. U. Farooq, and Waseemullah, "Attack Detection in IoT using Machine Learning," Engineering, Technology & Applied Science Research, vol. 11, no. 3, pp. 7273–7278, June 2021. DOI: https://doi.org/10.48084/etasr.4202

M. Vielberth, "Security Information and Event Management (SIEM)," in Encyclopedia of Cryptography, Security and Privacy, Berlin, Heidelberg, Germany: Springer, 2021, pp. 1–3. DOI: https://doi.org/10.1007/978-3-642-27739-9_1681-1

I. Stellios, P. Kotzanikolaou, M. Psarakis, C. Alcaraz, and J. Lopez, "A Survey of IoT-Enabled Cyberattacks: Assessing Attack Paths to Critical Infrastructures and Services," IEEE Communications Surveys & Tutorials, vol. 20, no. 4, pp. 3453–3495, 2018. DOI: https://doi.org/10.1109/COMST.2018.2855563

G. J. Blinowski and P. Piotrowski, "CVE Based Classification of Vulnerable IoT Systems," in Proceedings of the Fifteenth International Conference on Dependability of Computer Systems, Brunów, Poland, 2020, pp. 82–93. DOI: https://doi.org/10.1007/978-3-030-48256-5_9

M. Miettinen, S. Marchal, I. Hafeez, N. Asokan, A.-R. Sadeghi, and S. Tarkoma, "IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT," in 2017 IEEE 37th International Conference on Distributed Computing Systems, Atlanta, GA, USA, 2017, pp. 2177–2184. DOI: https://doi.org/10.1109/ICDCS.2017.283

Y. Meidan et al., "ProfilIoT: a machine learning approach for IoT device identification based on network traffic analysis," in Proceedings of the Symposium on Applied Computing, Marrakech, Morocco, 2017, pp. 506–509. DOI: https://doi.org/10.1145/3019612.3019878

S. Siboni et al., "Security Testbed for Internet-of-Things Devices," IEEE Transactions on Reliability, vol. 68, no. 1, pp. 23–44, Mar. 2019. DOI: https://doi.org/10.1109/TR.2018.2864536

J. Karande and S. Joshi, "Real-Time Detection of Cyber Attacks on the IoT Devices," in 2020 11th International Conference on Computing, Communication and Networking Technologies, Kharagpur, India, 2020, pp. 1–6. DOI: https://doi.org/10.1109/ICCCNT49239.2020.9225487

S. Minhass, R. Chauhan, and H. Kaur, "Enhancing IoT Device Behavior Prediction through Machine Learning Models," Journal of Information Systems and Telecommunication, vol. 13, no. 49, pp. 63–76, May 2025. DOI: https://doi.org/10.61186/jist.47570.13.49.63

M. A. N. Shamsudin and M. F. Zolkipli, "A Comparative Analysis of Penetration Testing Tools for Network Vulnerability Assessment," Borneo International Journal, vol. 8, no. 2, pp. 69–80, July 2025.

X. Liu et al., "PG-VulNet: Detect Supply Chain Vulnerabilities in IoT Devices using Pseudo-code and Graphs," in Proceedings of the 16th ACM / IEEE International Symposium on Empirical Software Engineering and Measurement, Helsinki, Finland, 2022, pp. 205–215. DOI: https://doi.org/10.1145/3544902.3546240

D. Chen, G. Chang, D. Sun, J. Li, J. Jia, and X. Wang, "TRM-IoT: A trust management model based on fuzzy reputation for internet of things," Computer Science and Information Systems, vol. 8, no. 4, pp. 1207–1228, 2011. DOI: https://doi.org/10.2298/CSIS110303056C

T. Zhang, Y. Zhao, W. Jia, and M.-Y. Chen, "Collaborative algorithms that combine AI with IoT towards monitoring and control system," Future Generation Computer Systems, vol. 125, pp. 677–686, Dec. 2021. DOI: https://doi.org/10.1016/j.future.2021.07.008