SRIG 25-10: Improving IOT Security Through AI Integration with Shodan for Automated Vulnerability Detection and Risk Assessment
What was the issue being addressed?
The issue addressed in this project was the lack of automated, real-time vulnerability detection and risk assessment for Internet of Things (IoT) devices using Shodan data. Shodan provides visibility into exposed devices by scanning for open ports, services, and banners, but it does not classify attacks, measure severity, or suggest mitigation strategies. Analysts must manually inspect results, a process that is slow, error-prone, and impractical given the billions of IoT devices online. To close this gap, the project developed an artificial intelligence (AI)–driven framework that integrates Shodan outputs with machine learning models. The system automatically detects threats, assigns severity scores, and maps vulnerabilities to the Common Vulnerabilities and Exposures (CVEs) database, turning raw Shodan data into actionable security intelligence.
Title: Improving IOT Security Through AI Integration with Shodan for Automated Vulnerability Detection and Risk Assessment
Dept: Technology Information
Student(s): Jagdeep Kaur Pannu, Ramanpreet Kaur
Supervisor(s): Massoud Ghassemi
UN Goals: 9, 12, 13, 16
Provide a brief, lay description of the work undertaken/initiative.
This project focused on making internet-connected devices, like smart cameras and home routers, more secure. We used Shodan, a tool that scans the internet for devices, and combined it with artificial intelligence to automatically check which devices might be at risk of cyberattacks. By training computer models to recognize different types of attacks, the system can not only detect problems but also link them to known security issues and suggest fixes. In simple terms, the work turned raw data about devices into practical security advice that helps protect people and organizations from hackers
What is the expected impact this project will have on the community?
The expected impact of this project on the community is to improve the security and resilience of everyday internet-connected devices such as home routers, cameras, and smart appliances. By turning Shodan data into automated, actionable insights, the framework helps identify vulnerabilities faster and with greater accuracy than manual methods. This means both individuals and organizations can be better protected from cyberattacks like botnets, data theft, and service disruptions. In the long term, the project supports a safer digital environment, reduces the risk of large-scale IoT-driven cyber incidents, and raises awareness about securing devices that are often overlooked.