PCIDS: Permission and Credibility-Based Intrusion Detection System in IoT Gateways

The Internet of Things (IoT) has evolved into a global platform dramatically facilitating human life through intelligent services. It is straightforward for people to access smart devices through IoT. However, the easy accessibility of IoT devices has also led to unprecedented security challenges for the IoT. To ensure the security of the basic structure of IoT, we need to establish a security barrier that can filter malicious access to IoT devices and achieve the integration of intrusion detection systems (IDS) with intelligent gateways. This paper establishes threat models of DoS, Replay, MITM, and Loophole attacks based on statistical flow characteristics and identity authentication. It uses supervised learning to obtain the credibility index to protect the IoT system. We use the Django framework to verify identity authorization information, the decision tree to determine request attributes, and the real-time status feedback from IoT devices to perform a risk assessment on the current user by pre-calculating the Importance ratio (Ir), the maximum credibility index (Pmax) and the minimum credibility index (Pmin). With administrator verification, we conduct a convergence analysis to obtain user attributes. The experimental results show that our approach achieves a recognition accuracy of 94.7%.