CTIoT: A Cyber Threat Intelligence Tool for IoT

The Internet of Things (IoT) has enabled intelligent services and revolutionized industries due to its sensing, actuating, and connectivity capabilities. However, this rapid expansion has also led to a surge of various types of vulnerabilities, posing significant challenges to the security and integrity of IoT ecosystems. The increasing number of vulnerabilities in IoT is explained by factors such as limited processing power and constrained resources, making them easy targets for cyberattacks. In this context, Cyber Threat Intelligence (CTI) plays a crucial role in providing actionable intelligence to identify, detect, and respond to threats targeting IoT infrastructure. Through threat intelligence feeds, analysis of indicators of compromise (IoCs), and proactive threat hunting, CTI enables organizations to enhance their situational awareness and strengthen their defenses against IoT-related threats. This paper proposes Cyber Threat Intelligence for IoT (CTIoT), a solution that effectively leverages CTI information to enhance IoT security. It actively and automatically collects and processes CTI data from heterogeneous sources, using Natural Language Processing (NLP) to identify vulnerabilities and threats related to IoT. The information is then presented in graph format that can be used by Graph Machine Learning to predict and detect cyberattacks. The proof of concept demonstrates the ability of our solution to monitor CTI data related to multiple IoT smart spaces with multiple IoT devices.