2025-09-06 –, Rookie Track
The proliferation of Internet of Things (IoT) devices necessitates advanced access control mechanisms that overcome the limitations of traditional static models. However, dynamic models employed suffer from subjectivity, high deployment burdens, frequently fail to consider comprehensive factors, or cold start issues. This research introduces a novel new ML framework that automates and initial risk assignment of new devices based on simulation. This research aimed to show whether ML can be used to automated, dynamic, and consistent initial risk assessments to make risk based access models (RBAC) more viable, with a focus on ITS systems.
A simulation platform was developed with Kathara, custom docker images and python. An evolutionary ML model was then used to assign initial risk factors which was leveraged by a generic fuzzy logic system to make predictions inside the simulation.
Results showed that whilst the ML model learnt the basic trends of the features that had a large influence on the reliability it struggled with the lower impact features due to the noisiness of the simulations. Further research is needed to both enhance simulation realism and for more robust and consistent performance.
A new approach to assigning initial risk in a simulated ITS (intelligent traffic system). This uses devices initial characteristics combined with simulated behaviour of the entire network to understand which attributes affect risk. This can include factors such as manufacturer, whether updates were signed, age of device etc. The first stage involved hard coding obvious patterns such as depreciating trust with age or signed updates being more reliable. The end goal is for more realistic simulation to reveal patterns not inherently obvious whilst also decreasing the burden of deploying RBAC (risk-based access control) to IOT systems.
A recently graduated cybersecurity student from Warwick university (or at least I should be when you see this).