Behavioral Biometrics for IoT Security: A Machine Learning Framework for Smart Homes

Arpit Garg

Authors

Arpit Garg Infosys, PA, USA Author

Keywords:

Machine Learning, Access Control, Smart Home, Internet of Things, Intrusion Detection, Federated Learning, Anomaly Detection, Convolutional Neural Networks (CNN), Autoencoder, Edge Computing, Privacy-Preserving AI, Smart Lock, Behavior-Based Authentication, IoT Security, Lightweight Models

Abstract

The exponential proliferation of IoT devices and smart home technologies has posed fresh challenges in controlling secure access. Outdated mechanisms of access-using passwords, key-fobs, or biometrics-have become inadequate in tackling threats that constantly change and evolve within the heterogeneous and interconnected environments. Thus, ML has been recognized to provide a promising paradigm to strengthen access control mechanisms, to enforce dynamic adaptability, and to realize real-time anomaly detection and behavior-based decision-making powers.

This paper conducts extensive research into machine learning-based access control systems for smart home and IoT environments. The limitations of traditional access control methods are discussed, thus underscoring the need for intelligent, automated systems that can learn contextual access behaviors. The second part of the study conducts a thorough literature review that reinforces the advantages of ML models, including Random Forest, CNNs, Autoencoders, and Federated Learning frameworks, for assisting legitimate users while detecting anomalies in real time [3], [5], [6], [10], [28].

Proposed is a concept integrating supervised and unsupervised learning models into the access control framework to be trained on benchmark datasets such as IoTID20 and Bot-IoT, with evaluation metrics including accuracy, precision, recall, and F1-score, therefore showing a significant improvement upon detection performance compared to legacy systems. The highest accuracy of 96.1% was achieved by CNNs, whereas Autoencoders did have good anomaly detection capabilities with the lowest training overhead. Moreover, the smart door lock case study allows evaluating real-world applicability and latency performance.

Finally, the work describes emerging trends such as privacy-preserving learning, XAI, lightweight edge inference, and 6G-enabled IoT security architecture integration. The studies confirmed and validated that ML-powered access control systems can help to secure IoT while making scalable, adaptive, and intelligent smart home infrastructures. This study offers a working, modular design for the integration of ML-assisted authentication into future-proof smart environments.

References

L. Xiao, X. Wan, X. Lu, Y. Zhang, and D. Wu, “IoT Security Techniques Based on Machine Learning,” arXiv preprint arXiv:1801.06275, 2018.

M. H. Aysa, A. A. Ibrahim, and A. H. Mohammed, “IoT DDoS Attack Detection Using Machine Learning,” in Proc. 2020 4th Int. Symp. Multidisciplinary Studies and Innovative Technologies (ISMSIT), 2020, pp. 1–7.

F. Hussain, R. Hussain, S. A. Hassan, and E. Hossain, “Machine Learning in IoT Security: Current Solutions and Future Challenges,” IEEE Commun. Surveys Tuts., vol. 22, no. 3, pp. 1686–1721, 2020.

M. A. Al-Garadi et al., “A Survey of Machine and Deep Learning Methods for Internet of Things (IoT) Security,” IEEE Commun. Surveys Tuts., vol. 22, no. 3, pp. 1646–1685, 2020.

E. Bout, V. Loscri, and A. Gallais, “How Machine Learning Changes the Nature of Cyberattacks on IoT Networks: A Survey,” IEEE Commun. Surveys Tuts., vol. 24, no. 1, pp. 248–279, 2022.

A. Jamalipour and S. Murali, “A Taxonomy of Machine-Learning-Based Intrusion Detection Systems for the Internet of Things: A Survey,” IEEE Internet Things J., vol. 9, no. 12, pp. 9444–9466, 2022.

T. Li et al., “Applications of Multi-Agent Reinforcement Learning in Future Internet: A Comprehensive Survey,” IEEE Commun. Surveys Tuts., vol. 24, no. 2, pp. 1240–1279, 2022.

H. Wu, H. Han, X. Wang, and S. Sun, “Research on Artificial Intelligence Enhancing Internet of Things Security: A Survey,” IEEE Access, vol. 8, pp. 153826–153848, 2020.

S. Zaman et al., “Security Threats and Artificial Intelligence Based Countermeasures for Internet of Things Networks: A Comprehensive Survey,” IEEE Access, vol. 9, pp. 94668–94690, 2021.

B. Bojarajulu, S. Tanwar, and A. Rana, “A Synoptic Review on Feature Selection and Machine Learning Models Used for Detecting Cyber Attacks in IoT,” in Proc. 2021 6th Int. Conf. Computing, Communication and Security (ICCCS), 2021, pp. 1–7.

N. Koroniotis, N. Moustafa, and E. Sitnikova, “Forensics and Deep Learning Mechanisms for Botnets in Internet of Things: A Survey of Challenges and Solutions,” IEEE Access, vol. 7, pp. 61764–61785, 2019.

S. Abdelhamid, M. Aref, I. Hegazy, and M. Roushdy, “A Survey on Learning-Based Intrusion Detection Systems for IoT Networks,” in Proc. 2021 Tenth Int. Conf. Intelligent Computing and Information Systems (ICICIS), 2021, pp. 278–288.

A. Uprety and D. B. Rawat, “Reinforcement Learning for IoT Security: A Comprehensive Survey,” IEEE Internet Things J., vol. 8, no. 11, pp. 8693–8706, 2021.

Y. Xin et al., “Machine Learning and Deep Learning Methods for Cybersecurity,” IEEE Access, vol. 6, pp. 35365–35381, 2018.

I. Idrissi, M. Azizi, and O. Moussaoui, “IoT Security with Deep Learning-Based Intrusion Detection Systems: A Systematic Literature Review,” in Proc. 2020 Fourth Int. Conf. Intelligent Computing in Data Sciences (ICDS), 2020, pp. 1–10.

M. T. Mahmood, S. R. A. Ahmed, and M. R. A. Ahmed, “Using Machine Learning to Secure IoT Systems,” in Proc. 2020 4th Int. Symp. Multidisciplinary Studies and Innovative Technologies (ISMSIT), 2020, pp. 1–7.

V. Hassija et al., “A Survey on IoT Security: Application Areas, Security Threats, and Solution Architectures,” IEEE Access, vol. 7, pp. 82721–82743, 2019.

R. Doshi, N. Apthorpe, and N. Feamster, “Machine Learning DDoS Detection for Consumer Internet of Things Devices,” in Proc. 2018 IEEE Security and Privacy Workshops (SPW), 2018, pp. 29–35.

Y. Jia et al., “FlowGuard: An Intelligent Edge Defense Mechanism Against IoT DDoS Attacks,” IEEE Internet Things J., vol. 7, no. 10, pp. 9552–9562, 2020.

H. S. Ilango, M. Ma, and R. Su, “Low Rate DoS Attack Detection in IoT-SDN Using Deep Learning,” in Proc. 2021 IEEE Int. Conf. Internet of Things (iThings), 2021, pp. 115–120.

I. Alrashdi et al., “AD-IoT: Anomaly Detection of IoT Cyberattacks in Smart City Using Machine Learning,” in Proc. 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC), 2019, pp. 0305–0310.

F. Abbasi, M. Naderan, and S. E. Alavi, “Anomaly Detection in Internet of Things Using Feature Selection and Classification Based on Logistic Regression and Artificial Neural Network on N-BaIoT Dataset,” in Proc. 2021 5th Int. Conf. Internet of Things and Applications (IoT), 2021, pp. 1–7.

A. Huč and D. Trček, “Anomaly Detection in IoT Networks: From Architectures to Machine Learning Transparency,” IEEE Access, vol. 9, pp. 60607–60616, 2021.

A. K. Pathak et al., “Anomaly Detection Using Machine Learning to Discover Sensor Tampering in IoT Systems,” in Proc. ICC 2021 - IEEE Int. Conf. Communications, 2021, pp. 1–6.

G. Rosenthal et al., “ARBA: Anomaly and Reputation Based Approach for Detecting Infected IoT Devices,” IEEE Access, vol. 8, pp. 145751–145767, 2020.

V. Mothukuri et al., “Federated-Learning-Based Anomaly Detection for IoT Security Attacks,” IEEE Internet Things J., vol. 9, no. 4, pp. 2545–2554, 2022.

N. K. Sahu and I. Mukherjee, “Machine Learning Based Anomaly Detection for IoT Network,” in Proc. 2020 4th Int. Conf. Trends in Electronics and Informatics (ICOEI), 2020, pp. 787–794.

R. Ramadugu, L. Doddipatla, and R. R. Yerram, "Risk management in foreign exchange for crossborder payments: Strategies for minimizing exposure," Turkish Online Journal of Qualitative Inquiry, pp. 892-900, 2020.

Z. Liu et al., “Anomaly Detection on IoT Network Intrusion Using Machine Learning,” in Proc. 2020 Int. Conf. Artificial Intelligence, Big Data, Computing and Data Communication Systems (icABCD), 2020, pp. 1–5.

M. M. Alani, “IoTProtect: A Machine-Learning-Based Intrusion Detection System for IoT Networks,” IEEE Access, vol. 10, pp. 53215–53228, 2022.

T. Salman and R. Jain, “Security Issues in Internet of Things: A Survey,” Procedia Computer Science, vol. 111, pp. 234–241, 2017.

S. Mehmood, M. A. Khan, A. M. Khan, and M. S. Awan, “Lightweight ML-Based Anomaly Detection for Smart Home Environments,” in Proc. 2022 Int. Conf. Frontiers of Information Technology (FIT), pp. 65–70, 2022.

Y. Lu, Z. Xu, and Q. Zhou, “An Access Control Scheme Based on Deep Learning in Smart Home Environments,” in Proc. 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conf. (ITNEC), pp. 256–260.

T. Ferreira et al., “IoT Access Control Using Behavioral Biometrics and Machine Learning,” IEEE Access, vol. 9, pp. 16051–16061, 2021.

J. Zhang, Y. Xiang, and H. Wang, “A Machine Learning Approach to Secure Access Control for IoT Devices,” IEEE Trans. Industrial Informatics, vol. 15, no. 12, pp. 6522–6530, 2019.

Y. Yang et al., “Security and Privacy Issues of IoT Access Control: A Machine Learning Perspective,” IEEE Commun. Surveys Tuts., vol. 23, no. 1, pp. 171–203, 2021.

A. A. Patel, M. Bhatt, and M. Zaveri, “AI-Based Adaptive Authentication for Smart Home Devices,” in Proc. 2020 Int. Conf. Smart Technologies in Computing, Electrical and Electronics (ICSTCEE), pp. 318–322.

H. Lee, J. Kim, and C. Yoo, “Voiceprint Authentication Using CNN for Smart Home Access Control,” in Proc. 2021 IEEE Int. Conf. Consumer Electronics (ICCE), pp. 1–4.

R. B. Pandya and P. D. Parmar, “Multi-Layer Security Model Using Machine Learning for Smart Home Environment,” Journal of Ambient Intelligence and Humanized Computing, vol. 13, no. 6, pp. 2983–2993, 2022.

Autade R. Multi-Modal GANs for Real-Time Anomaly Detection in Machine and Financial Activity Streams. IJAIDSML [Internet]. 2022 Mar. 30 [cited 2025 Jun. 8];3(1):39-48.

R. Ramadugu and L. Doddipatla, "The Role of AI and Machine Learning in Strengthening Digital Wallet Security Against Fraud," Journal of Big Data and Smart Systems, vol. 3, no. 1, 2022.