AI-based cyber risk profiling of public IoT devices in Indonesia with blockchain logging mechanism
摘要
The widespread deployment of publicly accessible Internet of Things (IoT) devices in Indonesia’s public sector, such as CCTV systems, traffic sensors, and environmental monitors—has introduced significant cybersecurity risks due to limited visibility and inconsistent protection mechanisms. This study develops and empirically evaluates an AI-based cyber risk profiling framework integrated with a blockchain-based logging mechanism for public IoT infrastructures in Indonesia. Real-world exposure data were collected using the Shodan API and correlated with vulnerability information from the National Vulnerability Database (NVD). An unsupervised Variational Autoencoder (VAE) was trained on 4,021 baseline devices to model normal exposure patterns and applied to 5,480 publicly exposed IoT devices nationwide. The model successfully identified 455 anomalous devices, producing a clear separation between normal and high-risk exposure profiles. Evaluation results indicate strong anomaly detection capability within the studied dataset, supporting reliable risk stratification without reliance on labeled data. Risk profiling further revealed that 94.83% of analyzed devices fell into the CRITICAL risk category, with routers and CCTV systems exhibiting substantially higher vulnerability exposure compared to communication devices. Geographic analysis showed notable regional disparities, with anomaly prevalence exceeding 95% in several industrial regions, while remaining significantly lower in metropolitan areas such as Jakarta. To ensure integrity and auditability of risk records, a blockchain-based logging mechanism using Hyperledger Fabric was implemented and validated at a proof-of-concept level. The blockchain prototype demonstrated successful immutable storage of risk profiles through core chaincode functions, enabling transparent and tamper-resistant audit trails. Overall, the proposed framework provides empirical evidence of the feasibility of combining AI-driven anomaly detection with blockchain-based logging to support scalable and accountable cyber risk monitoring for public IoT infrastructures in Indonesia.