🤖 AI Summary
To address the challenges of poor vulnerability comprehension and low adaptability in dynamic IoT security scenarios, this paper proposes an IoT-oriented Large Language Model (LLM)-based Security Assistant. The core method introduces the Identity-Knowledge-Vulnerability Decoupled Chain-of-Thought (ICoT) reasoning framework—the first of its kind for IoT security—integrating structured security knowledge injection with role-aware fine-tuning to enable explainable, personalized, and adaptive security analysis. Experimental results demonstrate that, compared to baseline LLM approaches, the proposed method improves security question understanding accuracy by 37.2%, achieves a 91.4% adoption rate for personalized mitigation recommendations, and validates high reliability in real-world IoT penetration testing. This work establishes a novel paradigm for deploying LLMs in edge-security applications, bridging the gap between foundation models and domain-specific, context-aware IoT threat intelligence.
📝 Abstract
The rapid development of Internet of Things (IoT) technology has transformed people's way of life and has had a profound impact on both production and daily activities. As the technology advances, however, the security of IoT devices has become an unavoidable issue in both research and applications. Although some efforts have been made to detect or mitigate IoT security vulnerabilities, they often struggle to adapt to the complexity of IoT environments, especially when dealing with dynamic security scenarios. How to understand these vulnerabilities automatically, efficiently, and accurately remains a challenge. To address this, we propose an IoT security assistant driven by a Large Language Model (LLM), which enhances the LLM's understanding of IoT security vulnerabilities and related threats. The ICoT method we propose aims to enable the LLM to understand security issues by breaking down the various dimensions of security vulnerabilities and generating responses tailored to the user's specific needs and expertise level. By incorporating ICoT, the LLM can analyze and reason through complex security scenarios step by step, resulting in more accurate, in-depth, and personalized security recommendations and solutions. Experimental results show that, compared to methods relying solely on an LLM, our proposed LLM-driven IoT security assistant significantly improves the understanding of IoT security issues through the ICoT approach and provides personalized solutions based on the user's identity, demonstrating higher accuracy and reliability.