|
Bin Hulayyil, Sarah
2025.
Leveraging AI technologies for advanced IoT vulnerability detection.
PhD Thesis,
Cardiff University.
Item availability restricted. |
![[thumbnail of Sarah Bin Hulayyil PhD Thesis]](https://orca.cardiff.ac.uk/style/images/fileicons/application_pdf.png "Sarah Bin Hulayyil PhD Thesis") |
PDF (Sarah Bin Hulayyil PhD Thesis)
- Accepted Post-Print Version
Restricted to Repository staff only until 10 February 2027 due to copyright restrictions. Available under License Creative Commons Attribution Non-commercial No Derivatives. Download (15MB) |
|
PDF (Cardiff University Electronic Publication Form)
Restricted to Repository staff only Download (195kB) |
Abstract
The rapid integration of IoT into smart homes has expanded the attack surface, exposing these environments to increasingly sophisticated cyber and physical threats. Existing security approaches are limited by restricted computational capacity, insufficient transparency in decision-making, poor adaptability to emerging zero-day vulnerabilities, and limited support for end-users. This thesis addresses these gaps by designing, developing, and evaluating a series of lightweight, interpretable, and scalable intrusion detection frameworks tailored to resource-constrained IoT ecosystems. The work follows an experimental, data-driven methodology that combines a critical analysis of current detection techniques with the design, implementation, and evaluation of multiple AI-based models. These include CNNs, domain-adapted large language model architectures such as CyBERT, and multimodal networks that integrate cyber and physical data sources. The models are trained and validated on real-world IoT datasets to assess accuracy, computational efficiency, robustness, and suitability for deployment in IoT ecosystems. The thesis first introduces an explainable detection framework for identifying Ripple20 vulnerabilities, employing feature engineering and interpretable machine learning to improve transparency and user trust. It then advances a featureless detection approach based on large language model architectures, demonstrating that domain-specific models operating on raw byte-level inputs can accurately detect unseen attacks without reliance on handcrafted features. To support practical deployment, an accessible detection interface is developed, enabling both expert and non-expert users to analyse network traffic and receive mitigation guidance. Finally, a multimodal intrusion detection framework is proposed that fuses network traffic with video data, enhancing situational awareness and improving detection performance in cyber-physical settings. Collectively, these contributions address the core challenges of explainability, scalability, lightweight operation, usability, and multimodal analysis, thus extending the understanding of how advanced deep learning and language-based models can be applied to IoT security and outline directions for future research on deployable, user-centred intrusion detection in smart home environments.
| Item Type: | Thesis (PhD) |
|---|---|
| Date Type: | Completion |
| Status: | Unpublished |
| Schools: | Schools > Computer Science & Informatics |
| Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
| Date of First Compliant Deposit: | 13 February 2026 |
| Date of Acceptance: | 10 February 2026 |
| Last Modified: | 13 Feb 2026 09:38 |
| URI: | https://orca.cardiff.ac.uk/id/eprint/184568 |
Actions (repository staff only)
 |
Edit Item |
Download Statistics
Download Statistics