TY - GEN
T1 - Uncertainty-aware authentication model for IoT
AU - Heydari, Mohammad
AU - Mylonas, Alexios
AU - Katos, Vasilis
AU - Balaguer-Ballester, Emili
AU - Altaf, Amna
AU - Tafreshi, Vahid Heydari Fami
PY - 2020/2/22
Y1 - 2020/2/22
N2 - Handling the process of authentication for the hundred million of computer embedded devices in Internet of Things (IoT) is not achievable without considering inherent IoT characteristics like scalability, heterogeneity, dependency and dynamism. In one hand, traditional and emerging access control models cannot handle indeterminate data access scenarios in IoT by applying deterministic access policies. On the other hand, moving towards resilient access control paradigms needs new attitudes and current manual risk analysis methods that rely on vulnerability calculations do not fit in IoT. This holds true as considering vulnerability as the key player in risk assessment is no longer efficient way to tackle with indeterminate access scenarios due to complicated dependency and scalability of IoT environment. Moreover, most of the IoT devices are not patchable so by discovering new vulnerabilities the vulnerable devices need to be replaced. Therefore, IoT needs agile, resilient and automatic authentication process. This work suggests a novel authentication method based on our previous work in which uncertainty was introduced as one of the neglected challenges in IoT. Uncertainty in authentication derived from incomplete information about incident happening upon authenticating an entity. Part of IoT characteristics makes such an uncertainty worse. Therefore, we have proposed an uncertainty-aware authentication model based on Attribute-Based Access Control (ABAC). Our prediction model is able to consider the uncertainty factor of mobile entities as well as fixed ones in authentication. In doing so, we have built our prediction model using boosting classifiers (AdaBoost and Gradient Boosting algorithms) besides voting classifier. We have compared the results with our previous work. Our designated model (AdaBoost) can achieve authentication performance with 86.54% accuracy.
AB - Handling the process of authentication for the hundred million of computer embedded devices in Internet of Things (IoT) is not achievable without considering inherent IoT characteristics like scalability, heterogeneity, dependency and dynamism. In one hand, traditional and emerging access control models cannot handle indeterminate data access scenarios in IoT by applying deterministic access policies. On the other hand, moving towards resilient access control paradigms needs new attitudes and current manual risk analysis methods that rely on vulnerability calculations do not fit in IoT. This holds true as considering vulnerability as the key player in risk assessment is no longer efficient way to tackle with indeterminate access scenarios due to complicated dependency and scalability of IoT environment. Moreover, most of the IoT devices are not patchable so by discovering new vulnerabilities the vulnerable devices need to be replaced. Therefore, IoT needs agile, resilient and automatic authentication process. This work suggests a novel authentication method based on our previous work in which uncertainty was introduced as one of the neglected challenges in IoT. Uncertainty in authentication derived from incomplete information about incident happening upon authenticating an entity. Part of IoT characteristics makes such an uncertainty worse. Therefore, we have proposed an uncertainty-aware authentication model based on Attribute-Based Access Control (ABAC). Our prediction model is able to consider the uncertainty factor of mobile entities as well as fixed ones in authentication. In doing so, we have built our prediction model using boosting classifiers (AdaBoost and Gradient Boosting algorithms) besides voting classifier. We have compared the results with our previous work. Our designated model (AdaBoost) can achieve authentication performance with 86.54% accuracy.
KW - Authentication
KW - Internet of Things
KW - Prediction model
KW - Supervised learning
KW - Uncertainty
UR - http://www.scopus.com/inward/record.url?scp=85081625261&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-42048-2_15
DO - 10.1007/978-3-030-42048-2_15
M3 - Conference contribution
AN - SCOPUS:85081625261
SN - 9783030420475
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 224
EP - 237
BT - Computer Security - ESORICS 2019 International Workshops, CyberICPS, SECPRE, SPOSE, and ADIoT, Revised Selected Papers
A2 - Katsikas, Sokratis
A2 - Katsikas, Sokratis
A2 - Cuppens, Frédéric
A2 - Cuppens, Nora
A2 - Lambrinoudakis, Costas
A2 - Gritzalis, Stefanos
A2 - Kalloniatis, Christos
A2 - Mylopoulos, John
A2 - Antón, Annie
A2 - Pallas, Frank
A2 - Pohle, Jörg
A2 - Sasse, Angela
A2 - Meng, Weizhi
A2 - Furnell, Steven
A2 - Garcia-Alfaro, Joaquin
PB - Springer Nature Link
T2 - 5th International Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2019, the 3rd International Workshop on Security and Privacy Requirements Engineering, SECPRE 2019, the 1st International Workshop on Security, Privacy, Organizations, and Systems Engineering, SPOSE 2019, and the 2nd International Workshop on Attacks and Defenses for Internet-of-Things, ADIoT 2019, held in conjunction with the 24th European Symposium on Research in Computer Security, ESORICS 2019
Y2 - 26 September 2019 through 27 September 2019
ER -