PCIDS: Permission and Credibility-Based Intrusion Detection System in IoT Gateways
Chen Zhang, Zhuotao Lian, Huakun Huang, Chunhua Su
Abstract
The Internet of Things (IoT) has evolved into a global platform dramatically facilitating human life through intelligent services. It is straightforward for people to access smart devices through IoT. However, the easy accessibility of IoT devices has also led to unprecedented security challenges for the IoT. To ensure the security of the basic structure of IoT, we need to establish a security barrier that can filter malicious access to IoT devices and achieve the integration of intrusion detection systems (IDSs) with intelligent gateways. This article establishes threat models of Denial of Service, Replay, man-in-the-middle, and Loophole attacks based on statistical flow characteristics and identity authentication. It uses supervised learning to obtain the credibility index to protect the IoT system. We use the Django framework to verify identity authorization information, the decision tree to determine request attributes, and the real-time status feedback from IoT devices to perform a risk assessment on the current user by precalculating the importance ratio (Ir), the maximum credibility index <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">$(P_{\mathrm {max}})$ </tex-math></inline-formula> , and the minimum credibility index <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">$(P_{\mathrm {min}})$ </tex-math></inline-formula> . With administrator verification, we conduct a convergence analysis to obtain user attributes. The experimental results show that our approach achieves a recognition accuracy of 94.7%.