A Deep Learning-based Penetration Testing Framework for Vulnerability Identification in Internet of Things Environments

TL;DR

This paper introduces a deep learning-based framework, LSTM-EVI, for vulnerability detection in IoT environments, demonstrating high accuracy in identifying scanning attacks within a smart airport testbed.

Contribution

The paper presents a novel LSTM-based penetration testing framework tailored for IoT, capable of detecting zero-day vulnerabilities and outperforming existing methods.

Findings

Achieves about 99% detection accuracy for scanning attacks

Outperforms four peer techniques in vulnerability detection

Validated on a smart airport IoT testbed and real-time data sources

Abstract

The Internet of Things (IoT) paradigm has displayed tremendous growth in recent years, resulting in innovations like Industry 4.0 and smart environments that provide improvements to efficiency, management of assets and facilitate intelligent decision making. However, these benefits are offset by considerable cybersecurity concerns that arise due to inherent vulnerabilities, which hinder IoT-based systems' Confidentiality, Integrity, and Availability. Security vulnerabilities can be detected through the application of penetration testing, and specifically, a subset of the information-gathering stage, known as vulnerability identification. Yet, existing penetration testing solutions can not discover zero-day vulnerabilities from IoT environments, due to the diversity of generated data, hardware constraints, and environmental complexity. Thus, it is imperative to develop effective penetration testing solutions for the detection of vulnerabilities in smart IoT environments. In this paper, we propose a deep learning-based penetration testing framework, namely Long Short-Term Memory Recurrent Neural Network-Enabled Vulnerability Identification (LSTM-EVI). We utilize this framework through a novel cybersecurity-oriented testbed, which is a smart airport-based testbed comprised of both physical and virtual elements. The framework was evaluated using this testbed and on real-time data sources. Our results revealed that the proposed framework achieves about 99% detection accuracy for scanning attacks, outperforming other four peer techniques.