ANFIS for risk estimation in risk-based access control model for smart homes

Abstract

AbstractThe risk-based access control model is one of the dynamic models that use the security risk as a criterion to decide the access decision for each access request. This model permits or denies access requests dynamically based on the estimated risk value. The essential stage of implementing this model is the risk estimation process. This process is based on estimating the possibility of information leakage and the value of that information. Several researchers utilized different methods for risk estimation but most of these methods were based on qualitative measures, which cannot suit the access control context that needs numeric and precise risk values to decide either granting or denying access. Therefore, this paper presents a novel Adaptive Neuro-Fuzzy Inference System (ANFIS) model for risk estimation in the risk-based access control model for the Internet of Things (IoT). The proposed ANFIS model was implemented and evaluated against access control scenarios of smart homes. The results demonstrated that the proposed ANFIS model provides an efficient and accurate risk estimation technique that can adapt to the changing conditions of the IoT environment. To validate the applicability and effectiveness of the proposed ANFIS model in smart homes, ten IoT security experts were interviewed. The results of the interviews illustrated that all experts confirmed that the proposed ANFIS model provides accurate and realistic results with a 0.713 in Cronbach’s alpha coefficient which indicates that the results are consistent and reliable. Compared to existing work, the proposed ANFIS model provides an efficient processing time as it reduces the processing time from 57.385 to 10.875 Sec per 1000 access requests, which demonstrates that the proposed model provides effective and accurate risk evaluation in a timely manner.