Logo PTI Logo rice

Proceedings of the 2024 Ninth International Conference on Research in Intelligent Computing in Engineering

Annals of Computer Science and Information Systems, Volume 42

Real Time Adaptive Access Control with Behavioral Analytics for Enhanced Cybersecurity in IoT and Cloud Systems

, , , , , , ,

DOI: http://dx.doi.org/10.15439/2024R75

Citation: Proceedings of the 2024 Ninth International Conference on Research in Intelligent Computing in Engineering, Vijender Kumar Solanki, Tran Duc Tan, Pradeep Kumar, Manuel Cardona (eds). ACSIS, Vol. 42, pages 151155 ()

Full text

Abstract. DACS dynamically adjusts access permissions by analyzing user behavior, context, and risk in real time. It evaluates activity logs, device details, and network conditions to identify anomalies, such as irregular login times or unfamiliar devices, triggering access restrictions or additional authentication. Using a neural network trained on historical data, DACS assigns risk scores to access attempts, categorizing them as low, moderate, or high-risk. Low-risk behaviors allow seamless access, while high-risk attempts undergo scrutiny. Our implementation demonstrates DACS's scalability, low latency, and superior detection accuracy compared to static models. These findings position DACS as a proactive, intelligent solution to address the dynamic challenges of secure access in real-time, high-demand environments.

References

  1. Ameer, Safwa, James Benson, and Ravi Sandhu. "An attribute-based approach toward a secured smart-home IoT access control and a comparison with a role-based approach." Information 13, no. 2 (2022): 60.
  2. Ameer, Safwa, James Benson, and Ravi Sandhu. "Hybrid approaches (ABAC and RBAC) toward secure access control in smart home IoT." IEEE Transactions on Dependable and Secure Computing 20, no. 5 (2022): 4032-4051.
  3. Burakgazi Bilgen, Melike, Osman Abul, and Kemal Bicakci. "Authentication-enabled attribute-based access control for smart homes." International Journal of Information Security 22, no. 2 (2023): 479-495.
  4. Ameer, Safwa. "User-To-Device Access Control Models for Cloud-Enabled IoT with Smart Home Case Study." PhD diss., The University of Texas at San Antonio, 2021.
  5. Ameer, Safwa, James Benson, and Ravi Sandhu. "The EGRBAC model for smart home IoT." In 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI), pp. 457-462. IEEE, 2020.
  6. Huang, Haoxiang, Jianbiao Zhang, Jun Hu, Yingfang Fu, and Chenggang Qin. "Research on distributed dynamic trusted access control based on security subsystem." IEEE Transactions on Information Forensics and Security 17 (2022): 3306-3320.
  7. Kim, Hwimin, Dae-Kyoo Kim, and Alaa Alaerjan. "ABAC-based security model for DDS." IEEE Transactions on Dependable and Secure Computing 19, no. 5 (2021): 3113-3124.
  8. Vijayanand, S., and S. Saravanan. "A deep learning model based anomalous behavior detection for supporting verifiable access control scheme in cloud servers." Journal of Intelligent & Fuzzy Systems 42, no. 6 (2022): 6171-6181.
  9. Liu, Yifan, Bo Zhao, Yang An, and Jiabao Guo. "DACAS: integration of attribute-based access control for northbound interface security in SDN." World Wide Web 26, no. 4 (2023): 2143-2173.
  10. Gong, Qinghua, Jinnan Zhang, Zheng Wei, Xinmin Wang, Xia Zhang, Xin Yan, Yang Liu, and Liming Dong. "SDACS: Blockchain-Based Secure and Dynamic Access Control Scheme for Internet of Things." Sensors 24, no. 7 (2024): 2267.
  11. Alazab, Moutaz, Albara Awajan, Hadeel Alazzam, Mohammad Wedyan, Bandar Alshawi, and Ryan Alturki. "A novel IDS with a dynamic access control algorithm to detect and defend intrusion at IoT nodes." Sensors 24, no. 7 (2024): 2188.
  12. Alharbe, Nawaf, Abeer Aljohani, Mohamed Ali Rakrouki, and Mashael Khayyat. "An access control model based on system security risk for dynamic sensitive data storage in the cloud." Applied Sciences 13, no. 5 (2023): 3187.
  13. Farhadighalati, Nastaran, Jose Barata, Sanaz Nikghadam-Hojjati, and Eda Marchetti. "Behavioral and Human-Centric Access Control Model in XACML Reference Architecture: Design and Implementation of EHR Case Study." In Technological Innovation for Human-Centric Systems: 15th IFIP WG 5.5/SOCOLNET Advanced Doctoral Conference on Computing, Electrical and Industrial Systems, DoCEIS 2024, Caparica, Portugal, July 3-5, 2024, Proceedings, vol. 716, p. 192. Springer Nature, 2024.
  14. Xiao, Lifang, Aimin Yu, Hanyu Wang, Lixin Zhao, and Dan Meng. "MLCAC: Dynamic Authorization and Intelligent Decision-making towards Insider Threats." In 2024 27th International Conference on Computer Supported Cooperative Work in Design (CSCWD), pp. 407-412. IEEE, 2024.
  15. Burakgazi Bilgen, Melike, Osman Abul, and Kemal Bicakci. "Authentication-enabled attribute-based access control for smart homes." International Journal of Information Security 22, no. 2 (2023): 479-495.
  16. Zhonghua, Chen, S. B. Goyal, and Anand Singh Rajawat. "Smart contracts attribute-based access control model for security & privacy of IoT system using blockchain and edge computing." The Journal of Supercomputing 80, no. 2 (2024): 1396-1425.
  17. Zhong, Tao, Junsheng Chang, Peichang Shi, Linhui Li, and Fei Gao. "Dyacon: Jointcloud dynamic access control model of data security based on verifiable credentials." In 2021 IEEE Intl Conf on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking (ISPA/BDCloud/SocialCom/SustainCom), pp. 336-343. IEEE, 2021.