Secure internet of things using deep learning: applying transformer-based NLP techniques for enhanced IoT security

Ahmad Mohammad Al-Zuraiqi

School of Electronics, Electrical Engineering and Computer Science

Student thesis: Doctoral Thesis › Doctor of Philosophy

Abstract

The rapid proliferation of Internet of Things (IoT) devices across domains such as wearables, smart home systems, and industrial automation necessitates robust security measures. This study addresses critical IoT security challenges through three interconnected contributions. First, we developed domain-specific datasets that map IoT firmware vulnerabilities to hardware configurations, enriched with metadata and synthetic augmentation to mitigate bias. Static analysis tools, such as the Firmware Analysis and Comparison Tool (FACT), were used to identify recurring vulnerabilities in various categories of IoT devices.

Second, we fine-tuned transformer-based large language models (LLMs) tailored for the IoT domain. By employing advanced alignment techniques, including Contrastive Preference Optimization (CPO) and Kahneman-Tversky Optimization (KTO), these models demonstrated enhanced predictive capabilities and contextual accuracy. Their integration with static analysis workflows resulted in a hybrid framework, improving vulnerability detection and scalability in resource-constrained environments.

Third, a rigorous empirical evaluation was conducted, comparing LLMs with traditional tools across metrics such as computational efficiency, energy consumption, and detection accuracy. This analysis underscores the transformative potential of AI-driven methodologies in improving IoT security.

The findings culminate in a proof-of-concept for secure-by-design IoT systems, aligned with OWASP ISVS standards and offering practical recommendations for real-time adaptability. Future research is directed toward federated learning and cross-modal vulnerability assessments, fostering scalable and ethically sound IoT security frameworks.

Thesis is embargoed until 31 July 2026.

Date of Award	Jul 2025
Original language	English
Awarding Institution	Queen's University Belfast
Supervisor	Paul McMullan (Supervisor) & Desmond Greer (Supervisor)

Keywords

IoT security
static analysis tools
firmware vulnerabilities
large language models (LLMs)
HALO (Human-Aligned Loss Optimization)
contrastive preference Optimization (CPO)
direct preference optimization (DPO)
Kahneman-Tversky Optimization (KTO)
dataset alignment
retrieval-augmented Generation (RAG)
bias mitigation
dual-method framework
secure-by-design
transformers
risk mitigation model

Cite this

Standard

Secure internet of things using deep learning: applying transformer-based NLP techniques for enhanced IoT security

Abstract

Keywords

Cite this

Links

Related content

Research output

Designing and optimizing alignment datasets for IoT security: a synergistic approach with static analysis insights

Static analysis of IoT Firmware: identifying systemic vulnerabilities with RMMIDL

Evaluating alignment techniques for enhancing LLM performance in a closed-domain application: a RAG bench-marking study