Access Control Based on Log File for Internet of Things Devices

Abstract

The use of Internet of Things devices has lately increased significantly, leading to the management of a diverse set of nodes and a vast number of data. Most Internet of Things nodes have limited resources and are vulnerable to a variety of threats and failures. Therefore, numerous novel techniques have been conducted to secure resource-constrained devices such as access control. In this work, we proposed an access control mechanism by using the user log files when they interact with their Internet of Things devices. Where it is possible to define and enforce access control restrictions and follow logs through log files to monitor the user accessing behaviors. This mechanism can be applied as an extra security layer along with any traditional user authentication access control to have the effective and accurate access control to prevent intrusion reveal information in the Internet of Things devices. To do this, we developed three Internet of Things applications on mobile, table, and website pages with different functionalities and goals to store the user log file features. We collected a large-scale date-set from over a thousand participants. Three machine learning algorithms: J48, Part, and Naive Bayes are applied and compared to predict the legitimate users. Several experiments were performed with significant results.