
Uncertainty-Aware Authentication Model for IoT

  • Conference paper
Computer Security (CyberICPS 2019, SECPRE 2019, SPOSE 2019, ADIoT 2019)

Abstract

Handling authentication for the hundred million computer-embedded devices in the Internet of Things (IoT) is not achievable without considering inherent IoT characteristics such as scalability, heterogeneity, dependency and dynamism. On the one hand, traditional and emerging access control models cannot handle indeterminate data access scenarios in IoT by applying deterministic access policies. On the other hand, moving towards resilient access control paradigms needs new attitudes, and current manual risk analysis methods that rely on vulnerability calculations do not fit IoT. This holds true because treating vulnerability as the key player in risk assessment is no longer an efficient way to tackle indeterminate access scenarios, given the complicated dependency and scalability of the IoT environment. Moreover, most IoT devices are not patchable, so when new vulnerabilities are discovered the vulnerable devices need to be replaced. Therefore, IoT needs an agile, resilient and automatic authentication process. This work suggests a novel authentication method based on our previous work, in which uncertainty was introduced as one of the neglected challenges in IoT. Uncertainty in authentication derives from incomplete information about an incident happening upon authenticating an entity. Some IoT characteristics make such uncertainty worse. Therefore, we propose an uncertainty-aware authentication model based on Attribute-Based Access Control (ABAC). Our prediction model is able to consider the uncertainty factor of mobile entities as well as fixed ones in authentication. In doing so, we built our prediction model using boosting classifiers (AdaBoost and Gradient Boosting algorithms) as well as a voting classifier. We compared the results with our previous work. Our designated model (AdaBoost) can achieve authentication performance with 86.54% accuracy.



Author information


Corresponding author

Correspondence to Mohammad Heydari.


Copyright information

© 2020 Springer Nature Switzerland AG

About this paper


Cite this paper

Heydari, M., Mylonas, A., Katos, V., Balaguer-Ballester, E., Altaf, A., Tafreshi, V.H.F. (2020). Uncertainty-Aware Authentication Model for IoT. In: Katsikas, S., et al. Computer Security. CyberICPS 2019, SECPRE 2019, SPOSE 2019, ADIoT 2019. Lecture Notes in Computer Science, vol 11980. Springer, Cham. https://doi.org/10.1007/978-3-030-42048-2_15


  • DOI: https://doi.org/10.1007/978-3-030-42048-2_15

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-42047-5

  • Online ISBN: 978-3-030-42048-2

  • eBook Packages: Computer Science, Computer Science (R0)
