{"paper_id":"05dab555-7d3d-4a4e-aed0-3c5a17b28b29","body_text":"AI-Driven Dynamic Access Control for IoT Devices at the Edge: A Trust-based Approach | Research Square window.SnipcartSettings = { analytics: { enabled: false } }; (function() { var accessVector = localStorage.getItem('access_vector') || ''; window.dataLayer = window.dataLayer || []; if (accessVector) { window.dataLayer.push({ user: { profile: { profileInfo: { snid: accessVector } } } }); } })(); (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-K279D39R'); Browse Preprints In Review Journals COVID-19 Preprints AJE Video Bytes Research Tools Research Promotion AJE Professional Editing AJE Rubriq About Preprint Platform In Review Editorial Policies Our Team Advisory Board Help Center Sign In Submit a Preprint Cite Share Download PDF Research Article AI-Driven Dynamic Access Control for IoT Devices at the Edge: A Trust-based Approach Saranya R, Suresh G This is a preprint; it has not been peer reviewed by a journal. https://doi.org/ 10.21203/rs.3.rs-6757754/v1 This work is licensed under a CC BY 4.0 License Status: Posted Version 1 posted You are reading this latest preprint version Abstract The challenge of Internet of Things data management has grown considerably since recent times which make its security establishment especially problematic. The complex nature of IoT data security occurs because IoT environments feature diverse dynamic elements. The solution of these security challenges necessitates using sophisticated machine learning along with deep learning algorithms. Part of delivering IoT security consists of giving the correct authorization to devices that meet specified requirements. The proposed work presents a trust based dynamic access control protocol for IoT devices at the edge which uses AI-driven algorithms for operation. The system can monitor device conduct over time and current analysis to determine trust levels which then allows it to modify access permissions automatically for security improvement. Research performs an analysis of the proposed methodology to verify its ability to prevent unauthorized system entry while safeguarding data integrity in IoT networks. Several tests ran in an IoT emulation platform simulated different attack sequences that included invasive access attempts and device intrusions. The experimental testing showed that attack detection reliability increased substantially through the replacement of traditional static access control approaches. Under the trust based model attackers had better detection results because it proved more efficient at differentiating between both legitimate and malicious activities than traditional controls. IoT Artificial Intelligence Trust based ACL ACLs Figures Figure 1 Figure 2 Figure 3 Figure 4 Figure 5 Figure 6 Figure 7 I. INTRODUCTION The Internet of Things (IoT) is one of the most important cutting edge technologies, with its growth and adoption rapidly expanding across all areas of society. From industrial applications to smart home systems, IoT is becoming an integral part of everyday life [1]. The extensive use of IoT has led to thrilling progressions, including faster response times, efficient data transfer, and improved decision-making processes on connected devices. However, a critical challenge lies in safeguarding the massive amounts of data generated by IoT devices. Without operative protection mechanisms, this data becomes highly susceptible to attacks, posing severe security threats from multiple directions and perchance leading to devastating consequences. Traditional access control systems often encounter significant challenges in managing access mechanisms effectively. In these systems, all device data is typically stored in cloud environments, which are inherently more vulnerable to cyberattacks. As a result, data integrity is frequently compromised. Furthermore, the distributed nature of cloud systems increases the risk of data breaches, making it difficult to enforce static access permissions reliably. Conventional models, such as Role-Based Access Control (RBAC), struggle to address complex and evolving threat scenarios, functioning more as blunt tools that can only manage refined or simple access requirements. Additionally, the growing scale of edge systems and the need for dynamic access control at the edge have rendered manual administration increasingly complicated and inefficient [28]. Edge-based IoT devices are on the verge of exposure due to this gap between older solutions and the changing threat landscape. Unexpected weaknesses, such as gaps in the armour, provide opportunities for bad actors to enter the scene. Unexpected and quick zero day attacks take advantage of incorrectly specified permissions to destroy data and functionality. Insider dangers lurk in the shadows, using their master keys stolen credentials to unlock mayhem. The consequences are severe and include all from the strange possibility of compromised critical infrastructure to the theft of personal data. AI-driven dynamic access control is an effective solution for handling access permissions and protecting information against vulnerabilities. This approach is particularly well suited for edge computing environments, as numerous IoT devices and gadgets are connected to edge networks; they generate large volume of data regularly, monitor device authorization, real time risks, and trust validations manually. To address these challenges, dynamically adjusting access permissions based on real time analytics and historical behavioral of data becomes vital. This process not only reduces the risk of unauthorized data access but also strengthens the overall trustworthiness of connected IoT devices. This architecture is built based on trust and the fundamental fabric of access control. Systematically built communication routes would act as secure wall, guarding the data flow. Device IDs would be carefully checked to make sure that only authorised devices are using the network. Devices, users, and the edge gateway would be linked through a robust and intricate network of trust, forming a consistent barrier against forthcoming threats. In this safe environment, gadgets do not exist in isolation. They would learn from one another in this symphony of collective defence, exchanging knowledge and experiences to fortify the perimeter. The edge gateway would act as a watchful sentinel, coordinating access decisions and utilising AI-powered analysis and real-time data to nimbly and accurately enforce policies. However, the human factor still matters most, even in the face of AI's genius and trust's unwavering stability. The goal is to strengthen human judgment by providing it with real-time data and AI-driven insights, rather than replacing it [26]. Humans would become knowledgeable sentinels with smart dashboards and clear visualisations, their experience and intuition directing the entire security posture, prepared to step in when needed, and driving the network towards an unbreakable resilience. By adopting a trust-based strategy and embracing AI-driven dynamic access management, we can both mitigate the inherent risks and realise the limitless promise of edge computing. This is a revolution in the security paradigm, not just a technical achievement, driven by an unshakable commitment to safeguarding our increasingly interconnected world and forged in the furnace of innovation [27]. This is about protecting privacy, building trust, and laying the groundwork for a time when the advantages of the edge will flourish without having to worry about ominous shadows. It's not just about protecting data and vital infrastructure. The major contributions of this research work are as follows: Security Reinforcement: Unauthorized access and device trust can be analyzed based on the continuous adjustment of access permissions in real time analysis of devices using AI-driven approach. Context-Aware Access: The IoT devices trust based approach ensures the security of the devices; the decision for accessing the devices can be made based on the dynamic access control rules. Infrastructure Resilience: The framework facilitates a resilient Internet of Things infrastructure by enabling adaptive access controls that respond to the fluidity of edge computing environments, preventing disruptions caused by compromised or erratic devices. Trust Promotion: By promoting a transparent and dependable culture inside the IoT ecosystem, the trust-focused strategy helps users feel more confident about their devices and, in turn, makes it easier for secure edge computing solutions to be widely adopted. The rest of the paper is categorized into the following sections: Section II explains the background and related recent works; Section III describes the proposed system and its working details; and Section IV exhibits the experimental setup, results and at the end conclusion and future work. II. BACKGROUND AND RELATED WORKS The proliferation of edge-based Internet of Things devices necessitates a paradigm shift in security. The distributed architecture and dynamic nature of the edge make it difficult for traditional access control systems, which were created for centralised cloud settings, to function well. This section establishes the foundation for our suggested methodology by exploring the shortcomings of current frameworks and pertinent research on AI-driven and trust-based solutions. Table 1 depicts the comparison between traditional access control approaches and AI-driven dynamic access control approaches based on general features. Table.1 Comparison of Access Control Approaches for Edge-Based IoT Devices Feature Traditional Access Control AI-Driven Dynamic Access Control Approaches Static authorization and role-based frameworks Dynamic policy adaptation, risk assessment, and anomaly detection Applicability Centralized cloud environments Situations involving distributed edge computing Adaptability Unchangeable and sluggish to adapt Real-time adaptation to shifting circumstances and threats Scalability Insufficient scalability for extensive networks Managing dispersed edge installations with efficiency Latency High latency in decision-making Real-time access decisions at the edge Human involvement Manual setup and administration Human supervision for direction and assistance Resource considerations Minimal resource requirements Requires specialized AI processing power on edge devices Transparency Basic guidelines that might not be easily explained Reasonable AI choices for comprehension and confidence Challenges Restricted adaptability, open to new threats Combining AI with edge resource limitations while maintaining explainability. Benefits Easy to set up and maintain Lessens dangers and enhances security in dynamic settings. Using trust oriented systems handle the issues brought up by uncertain IoT devices and services is one of the more popular trend. As an illustration, the research in [2] proposed a protocol concentrating the important elements that are community interests, honesty, and cooperativeness [25]. With the help of this protocol, new nodes are created with the strong trust relationships with other nodes and managing the in unsafe situations. To obtain secured routing, a fuzzy logic-based trust approach is proposed in [3]. The suggested method computes the nodes trust using fuzzy logic and the Bio inspired Energy Efficient Cluster (BEE-C) protocol. The flooding attack and black hole are located and eliminated using this protocol the threshold value and the trust value are differentiated. Packets are routed through nodes, if the trust values are higher than the threshold, which shows that the nodes are trustworthy nodes. A node trust value is below the threshold means deemed untrustworthy and is removed. The recommended method performs the game theory, fuzzy with trust (LEACH), in terms of packet delivery ratio concentrates less overhead, packet loss and delay. In order to create a reliable system with regard to the routine of the objects, the authors of [4] combined two models the subject and the object. To adjust behavior dynamically, each node in the first model figured its friends based on its experiences and the friends' shared beliefs with the possible suppliers. The alternative paradigm, the same data was assigned to and kept on each node using a Distributed Hash Table structure, allowing any node to use the data. The research by [5] created a straightforward model for managing trust that was based on entropy and the Bayesian principle. The entropy theory assigns weights to different trust values, which might exacerbate problems brought on by arbitrary weight distribution while also enhancing model flexibility. Distributed trust management paradigm for the Internet of Things was shaped by [6]. Detecting malicious node activity and averting any on-off attacks the model consists of three phases trust computation, neighbour finding, and service request. A trust propagation model was created by [7] the model used social contact, similarity ratings of friendship, and interest ties with the community as the filters and dispersed collaborative filtering to arrive at the feedback. [8] The first investigation, the nodes' trust was calculated using fuzzy logic and the Bio-inspired Energy Efficient-Cluster (BEE-C) protocol. A study by [9] proposed a probabilistic neural network (PNN)-based IoT recommendation approach based on reputation. The resolution of the experiment was to identify trustworthy and untrustworthy nodes on IoT edge policies. Central Trust management framework (CTM IoT) was proposed by the authors of [10] to enable dependable information sharing between IoT devices. A super node that functioned as a centralised trust manager was part of the concept. The super node kept the trust data from all master nodes and cluster nodes in the central repository. Additionally, the super-node was in charge of keeping an eye on a variety of tasks across all IoT devices, including network traffic and trust management. The master node trust values and addresses were also stored in a repository on the super node. The repository managed every device in the CTM IoT framework by acting as a routing table, logging reliable data along with the network architecture and selecting which devices needed to join which cluster. Smart algorithms were proposed by a study in [11] to control IoT trust. While the second algorithm established the circumstances under which a cluster node in IoT trust management can be converted to a given new master node, the first algorithm proposed a new clustering approach by computing memory border trust value limits for each cluster. The bad-mouthed attacks are handled by the third algorithm. The fourth algorithm suggested techniques by which master nodes monitor cluster nodes' trust values and make an effort to move certain cluster nodes away. Additionally, a machine learning-based computational trust model for IoT services was described by [12]. This model employed two methods: (i) support vector machine (SVM) for classification tasks, such as determining the borders of trustworthy and untrustworthy contact, and (ii) k-means for clustering and labeling tasks, such as determining the number of clusters and initial centroid positions. A fuzzy logic based strategy for identifying on-off assaults, behavior attacks that contradict, and other problematic nodes was presented in a follow-up study [13]. Nodes are change strongly between clusters. It is used a messaging system akin to serial transmission for safe message encryption. Fuzzy logic was also used by the protocol to detect malicious nodes and restrict their untrusted ability to provide incorrect suggestions. Research investigation [14] created a model that uses a number of criteria, counting the degree of security in a device, device security, and ownership trust, to calculate the trust level. The users chosen threshold was used to determine the level of trust using the fuzzy logic model. When the trust level is higher than the threshold, IoT service customers can also actively participate in choosing the trustworthy nodes that will be collecting their data. A study by [15] proposed a multi-layer perceptron (MLP)-based model for assessing trust. In order to create a secure environment, this model made it possible to identify the many trust-related attacks that malevolent nodes were carrying out and to remove them from the network. A different study by [16] created a dynamic black-and-white list-based selective recommendation system for smart devices. This approach aims to solve the issue of participant selection so that edge computing systems that leverage IoT in smart cities can provide higher-quality services. In order to examine the stability and validity of the suggested trust management system qualitatively, game theory was employed. Comparably, the research in [17] created a method for social IoT device trust management. The strategy was divided into three primary phases: (1) Trust Composition Stage: At this phase, different traits are selected based on the context of the attack. The trustee node was chosen from the group of nodes for the trust computation process based on trust attributes; (2) the trust score was computed using the artificial neural network (ANN) algorithm during the aggregation stage; and (3) the trust score was updated on a regular basis using the time-driven model. Furthermore, game theory results were verified using Lyapunov theory. Neural network-based trust architecture was developed in a recent study by [18]. This framework took into account a variety of viewpoints, including those of the owner, the device, and the service, and it examined specific aspects from each perspective, such as the owner's social and local context, the device's reputation, and the dependability of the service. An information entropy-based trust evaluation approach was recently proposed by [19] in a study to address the problem of trust in the power distribution of Internet of Things communication terminals. The forgetting factor and sliding window updated the direct trust value after the model first calculated it using the reputation of an exponential distribution. The indirect trust value was added to account for errors resulting from the direct trust judgment, and uncertainties in the direct trust value were evaluated. To improve the accuracy of the judgment, the direct and indirect trust values were also thoroughly evaluated. In wireless sensor networks (WSNs), a dynamic trust management technique was suggested by a study done by [20]. First, assessing the node's performance through interaction with local data yields the direct trust value of the node. The energy evaluation and trust recommendation value of additional nodes with a high trust level are then used to create the comprehensive trust value. Lastly, there are periodic updates to the node reliability and management. In the face of shifting circumstances and developing dangers, static access control methods that assign devices preset rights prove rigid [21]. In a similar vein, role-based methods, although providing some level of detail, fall short in capturing the subtle differences in device behaviour and the complexities of intricate interactions inside the edge network [22]. The scattered nature of edge deployments is not well-suited for centralised access control systems that are tailored for cloud environments. Real-time decision-making is impeded by scalability and latency concerns, which leave edge devices, open to fast attacks [23]. The AI offers a possible solution to the drawbacks of conventional access control. such as anomaly detection and risk assessment, dynamically modify permissions in response to unstable circumstances and threats [24]. The more number of research is required to integrate AI algorithms with edge resource limits. Also, it is imperative to guarantee the simplify capability and openness of AI-driven judgments in order to cultivate acceptance and confidence among human stakeholders. The valuable, current research tends to concentrate on particular facets of AI driven access control. The important contributions made by earlier research by putting forth a novel framework that combines AI with trust based processes in a way that is both practical and holistic. AI driven dynamic access control for edge based Internet of Things devices is aided by this effort. The creativities may investigate the incorporation of other artificial intelligence methodologies, the establishment of resilient trust management protocols, and the assessment of the structure of actual edge applications. III. PROPOSED AI-DRIVEN DYNAMIC ACCESS CONTROL FRAMEWORK A. Proposed Framework The goal of the proposed architecture is to offer a surrounding and flexible security solution for the distributed and dynamic nature of Internet of Things environments. The architecture is made up of vital parts that collaborate to assurance trust based connections, dynamic access control, and decision making in real time. The proposed architecture is depicted in Figure 1. The IoT devices and sensors that have trust modules installed are the important mechanisms of the architecture. The trust modules are essential to the ongoing assessment of devices trustworthiness because they offer immediate response based on historical data, communication patterns and security protocol conformance. The Edge Computing Layer acts as a bridge between the central processing unit and Internet of Things devices. The AI Driven Access Control Module and local processing units are contained at this level. The edge, real time data analysis is made possible by the local processing units, allowing for quick decision making. Machine learning methods are used in the AI Driven Access Control Module dynamically modifies access permissions according to the trust levels that are provided to distinct devices. This delimited decision making capacity helps the access control process operate more quickly and with less latency. The essential element that centrally assesses the dependability of IoT devices throughout the ecosystem is the Centralized Trust Evaluation Engine. For constant monitoring, this engine makes use of machine learning algorithms that take into explanation behavioral patterns, historical data and predetermined criteria. It delivers a real time representation of the responsibility of devices by dynamically updating trust scores. Since of its centralized nature, the engine enables a comprehensive understanding of the IoT ecosystem, which helps to improve trust models. The policies and standards for determining and modifying trust levels are outlined in the Policy Management component. Policies can be personalized by managers to meet the unique needs of edge apps and the IoT ecosystem. The reply to shifts in the trust score is determined by illegal policies, which also include notifications for suspicious activity, access permissions, and the start of corrective procedures. The flexibility and customization of the access control system are assured by this policy driven method. Devices, edge layer and the central processing system provide secure communication channels to guard against unwanted access and operation of private data while it is being transferred. This element is essential for preserving the privacy and integrity of data transferred via the Internet of Things. Monitoring dashboard the Centralized Checking and Analytics component gives managers a thorough accepting of the IoT ecosystem. The systems security state is kept up to date for managers with the use of real time trust scores, access logs and alerts. The use of analytics tools, historical data may be mined for insights that can be applied to continuously improve trust models and access control rules completed time. In conclusion, the suggested architecture combines trust based processes with AI driven dynamic access control, utilising edge computing to provide dispersed enforcement and real time decision making. By addressing the particular difficulties brought about by the dynamic nature of IoT surroundings this design improves the security, flexibility and dependability of IoT devices at the edge. A major step towards improving the security and effectiveness of IoT ecosystems is the combination of AI driven dynamic access management for IoT devices at the edge, especially when done so using a trust based strategy. This approach reduces potential security risks and unauthorized access by utilizing artificial intelligence to dynamically adjust access rules based on trust levels. By placing a strong focus on trust a more sophisticated and contextually aware system is established, enabling adaptive decision making that keeps up with the changing nature of interactions between devices. This framework supports innovation and dependability in the implementation of edge computing solutions while reinforcement the defence against cyber threats and setting the foundation for a more robust and reliable Internet of Things infrastructure as the digital world grows more interconnected. B. Role of AI driven in the access control process including anomaly detection, risk assessment and dynamic policy adaptation. AI driven approach which includes features like anomaly detection, risk assessment and dynamic policy adaption is needed to the access control procedure. An account of how AI disturbs each of these factors is provided below: Anomaly Detection: Function: AI shows a key role in spotting unusual activity in the Internet of Things setting. It practices machine learning techniques to create baselines of typical behavior for each device. Any departures from these designs are noted as irregularities, which may be a sign of abnormalities or security risks. Procedure: The AI system learns patterns of usual behaviour by constantly analysing incoming data from IoT devices. Abnormalities are used to show possible security concerns by locale off alarms or changing the devices trust score. Risk Assessment: Role: AI assesses each IoT devices risk by taking into account a number of variables, including past practice patterns, authentication information and contextual ecofriendly information. AI assesses these factors and gives each device a trust score that represents the degree of assurance in its dependability. Procedure: The AI driven risk assessment demands looking at the context of the devices interactions, assessing the devices submission with security protocols and analyzing patterns over time. The system is able to alter shifting conditions and new threats to this dynamic review. Dynamic Policy Adaptation Role: AI marks it easier for access control rules to change dynamically in response to assessments of device dependability made in real time. Because of its adaptability, access permissions can be dynamically changed to reflect changes in the security landscape, environment or device behavior. Procedure: Artificial Intelligence constantly tracks IoT device trust scores and compares them to reestablished access control settings. The AI system dynamically modifies the policies controlling a devices access rights in response to changes in the devices trust level either positively or undesirably. For instance access to a device may be restricted until the anomaly is fixed if it shows suspicious behavior. Artificial Intelligence functions as a practical and flexible component in the access control procedure for edge IoT devices. It improves security by identifying anomalies, assessing risks and dynamically adjusting access control policies by utilizing machine learning techniques. A more reactive and context aware system is made possible by this trust based method, which is essential for protecting the diverse and dynamic contexts in which Internet of Things devices function. C. Trust formation between devices, users and the edge gateway The basis of trust based access control is the development and continuing assessment of trust connections between users, devices and the edge gateway. Ensuring the security and reliability of IoT ecosystems requires this strategy. Here is a detailed conversation: Trust Formation Between Devices Dynamic Trust Scores: Dynamic trust scores are allocated to specific IoT devices based on their behavior, past interactions and submission with security regulations. This is known as trust based access control. These devices data are continuously analyzed by machine learning algorithms, which modify trust scores in real time. Behavioral Analysis: Each devices behavioral pattern is examined in order to build trust. Advanced trust scores are given to devices that consistently behave as expected over time devices that deviate from regular patterns may have their trust scores adapted accordingly. Establishing Trust Between Users and Devices User Authentication and Authorization: Trust based access control proceeds users dependability while dealing with IoT devices into account as well. User identities are confirmed via authentication techniques, and their authorization is dependent on the levels of trust provided to the user and the device being accessed. Context Aware Access: This notion goes a step further by taking user device interactions into account. A user may be more trusted for instance, if they access an IoT device from a known secure location. However if they attempt to access the device from an unknown or doubtful place their degree of trust may be reduced. Forming Trust Between Devices and Edge Gateway Secure Communication Channels: Secure communication channels help to create trust between IoT devices and the edge gateway. Common trust is boosted by encryption measures which guarantee the privacy and integrity of data transferred between devices and the edge gateway. Authentication Protocols: Before any data exchange takes place, devices authenticate themselves to the edge gateway using strong authentication protocols. The completion of various authentication procedures may have an impact on trust levels. Constant Trust Assessment Real Time Surveillance: Trust based access control is dependent on ongoing reflection and assessment. With real time data analysis the AI powered system dynamically updates trust scores, enabling quick reactions to changes in device behavior or security circumstances. Trust Based Access Policy Implementation Policy Adaptation: The application of access policies is guided by trust based access control. While devices with lower trust scores might be subject to more preventive regulations devices with higher trust scores might have more access privileges. Policies that are flexible make sure that the access control system is in line with the trust relationships that exist. D. Operation of edge computing skills for real time decision making and distributed administration. The following explains how edge computing is used by the framework to achieve these goals: Local Processing and Real Time Data Analysis Edge Computing Layer: By placing local processing things at the edge, the framework makes use of edge computing. These devices handle the first data processing, which allows prompt data analysis and filtering made by IoT devices. Making decisions in real time: At the edge real time data analysis is made possible by the local processing units allowing for quick decision making. This is especially crucial in conditions where there is a time crisis and prompt responses to security events or access demands are needed. AI Driven Access Control Module Edge Based AI driven Processing: Using machine learning methods for dynamic access control, the AI Driven Access Control Element functions at the edge. Effective device behavior analysis is made possible by this decentralized approach to AI processing, which does not trust exclusively on centralized systems. Adaptive Decision Making: The framework may adaptively modify access rights based on real time dependability evaluations at the edge. The decision making flexibility improves the access control system's responsiveness. Trust Modules and Continuing Monitoring Local Trust Valuation: IoT device related Trust Modules carry out local trust valuations. Decentralization facilitates continuing opinion of device behavior at the edge, which adds to the trust based approach real time feature. Reduced delay: Choices are made closer to the data source edge computing reduces delay in the trust evaluation process. Robustness and Scalability Decentralized Architecture: By developing edge computing, a decentralized architecture is created which upturns the robustness of the system. The local processing units and AI modules at the edge can withstand access control abilities even in the event of network outages or communication failures. Scalability: In spread IoT contexts edge computing permits the scalable deployment of processing units. This scalability is vital to ensure that the framework can handle growing data volumes and access control requests as the number of IoT devices increases. The suggested method guarantees distributed policy enforcement, adaptive access control and real time decision making by combining edge computing capabilities into the framework. This improves the systems scalability and robustness in dynamic IoT contexts in addition to improving security and awareness. IV. EXPERIMENTAL SETUP This research endeavor, delve into the realm of AI driven dynamic access control, introducing a trust based approach to reinforce the security posture of IoT networks. Our unique feature of experimentation involves configuring an attacker machine armed with Kali Linux and dual external wireless cards, mimicking real world threat scenarios. Through particular use cases, ranging from unauthorized access attempts to wireless activity rigorously calculate the efficiency of our suggested approach. Figure 2 shows the experimental setup used and executed in this research. The chokepoint of our experimental framework lies in the deployment of an Inspection firewall governed by AI driven Access Control Lists (ACLs). Enhancing this setup is the combination of Wazuh for real time security monitoring and Kibana for intuitive visualization. Infrastructure Configuration A different array of IoT devices, ranging from sensors to actuators is strategically deployed to simulate a realistic environment. These devices cooperatively represent the intricate network fabric that describes IoT ecosystems. Their deployment contains varied functionalities imitating the complexity encountered in real world situations. Edge Devices The IoT devices, edge computing devices are strategically placed to efficiently manage and process data. These devices assist as a decentralized computational layer adopting quicker decision making by handling data nearer to its source. This architecture not only enhances latency but also improves the overall efficiency of the IoT network. Firewall The strategic chokepoint within the network architecture an Inspection firewall is deployed. This firewall assumes a vital role in controlling and monitoring the traffic flow between IoT devices and the broader network. Located as the protector at the gateway, it acts as the first line of defense, inspecting data packets and applying security policies to impede unauthorized access and potential threats. Implementation of AI-Driven ACLs The Inspection firewall is encouraged with AI driven Access Control Lists (ACLs), leveraging advanced machine learning models. These ACLs are not static instead they dynamically adapt based on real time analysis of network performance and the trust levels related with individual devices. This dynamic adjustment mechanism ensures that the security actions are approachable to the developing nature of network conditions and device interactions. Security Monitoring and Logging Incorporation with Wazuh The Wazuh Security Information and Event Management (SIEM) system is seamlessly integrated into the network architecture. Wazuh provides a robust framework for monitoring security events. It dynamically examines logs, detects potential threats and triggers timely responses enhancing the overall security position of the IoT environment. Kibana: Kibana is a powerful visualization tool is employed to separate and examine security events indexed by Wazuh. This graphical representation aids researchers and security experts in gaining actionable insights into the nature of security events, identifying patterns and helping informed decision making. Attacker Configuration Kali Linux Machine To imitate real world cyber threats, a dedicated machine is configured with Kali Linux. This machine serves as the attacker collection, covering a suite of tools and experiences aimed at investigative vulnerabilities within the IoT network. Wireless Attack Simulation The two external wireless cards specifically the ASUS N13 adaptor the attacker machine is capable of simulating realistic wireless attacks. This structure enables the execution of diverse wireless exploits reflecting the probable threats posed by challengers with sophisticated capabilities. Attack Simulations Several attack scenarios are accurately simulated, incorporating unauthorized access attempts to IoT devices, man in the middle attacks targeting communication between IoT and edge devices, and manipulation attempts on vulnerabilities residing in IoT device firmware. These scenarios collectively stress test the robustness of the suggested security infrastructure. Use Cases - Dynamic Access Control The experimentation lies in evaluating the effectiveness of AI driven ACLs. Through a series of scenarios the adaptability of these ACLs to different network situations and their awareness to dynamic changes in device behavior are carefully assessed. Intrusion Detection and Response The ability of the Wazuh system to detect and respond to abnormal activities and security incidents is systematically calculated. This contains assessing the system's response time to security events and its overall efficacy in protection the IoT network. Figure 2 illustrates the sharing of various cyber threats identified by the Wazuh Intrusion Detection and Response (IDR) platform during the experimental phase. The following breakdown showcases the percentage distribution of specific attack categories: Password Guessing (61%): The most established attack category is password guessing establishing a important 61% of the chart. This shows a significant focus on attempts to gain unauthorized access through efficient password trial and error experimental methods. SSH Brute Forcing (27%): SSH brute forcing represents a considerable portion, accounting for 27% of detected attacks. This suggests persistent efforts to compromise security by systematically attempting various authentication credentials for SSH (Secure Shell) access. Generic Brute Forcing (4%): Generic brute forcing, a wider form of password based attacks, contributes to 4% of the total. While moderately less frequent it still highlights the importance of defending against brute force attempts on various fronts. File Traversal (2%): File traversal attacks, where attackers attempt to access unauthorized directories and files, make up 2% of the chart. Although a smaller percentage, this indicates potential attempts to exploit vulnerabilities in file access controls. Visualization and Analysis Kibana, the logged security events are precisely analyzed. This comprises identifying patterns and gaining a comprehensive understanding of the security posture of the IoT network. The visual representation aids in extracting actionable intelligence. System Resilience The system ability to withstand wireless attacks from the Kali Linux computer is tested. This includes assessing the network's resilience to complex wireless exploits and the firewall's ability to prevent unwanted wireless access. The results of integration checks performed on different files in the experimental environment are shown graphically in Fig. 3. The AI-ACLs that are activated under attack conditions are shown in Figure 4. Trust Based Approach The trust based approach influence on security is methodically investigated. This involves examining the success rates of attacks against both trusted and untrusted devices providing valuable insights into the effectiveness of the proposed trust based paradigm. Fig. 5 showcases the results of vulnerability assessments conducted as part of the current experimental use cases. · Critical Vulnerabilities (35%): The largest segment, constituting 35%, signifies vulnerabilities categorized as critical. These vulnerabilities pose a severe threat to the security infrastructure, potentially enabling attackers to compromise the integrity, confidentiality, or availability of the IoT devices. · High Severity Vulnerabilities (25%): A significant portion, accounting for 25%, represents vulnerabilities categorized as high severity. While not as critical as the highest level, these vulnerabilities still pose a substantial risk and require urgent attention and remediation. · Medium Severity Vulnerabilities (20%): The chart allocates 20% to vulnerabilities categorized as medium severity. These vulnerabilities may have a notable impact on the security of the IoT network but might not pose an immediate and severe threat. · Low Severity Vulnerabilities (15%): A notable segment, representing 15%, denotes vulnerabilities classified as low severity. While these vulnerabilities may not present an immediate threat, addressing them is essential for maintaining a robust security posture over the long term. Based on the number of cases that were passed, failed, and marked as not applicable within the IoT network, Figure 6 gives a summary of the security assessment results. Key Observations: Cases Passed (77 in count) Security assessment cases that have successfully passed scrutiny make up the largest portion of the chart, accounting for 45% of the total. These examples support a strong security posture and follow the defined security standards. Cases Failed (110 in count) A sizeable portion (45%) denotes security assessment cases that don't fit the predetermined security standards. In order to address the vulnerabilities or weaknesses found, these cases need to be addressed right away. Not Applicable Cases (13 in count) Ten percent of the cases in the chart are classified as non-applicable. This category might include situations in which particular security evaluations are thought to be superfluous or irrelevant for particular IoT network components. V. CONCLUSION The integration of AI-driven dynamic access management for IoT devices at the edge, particularly when done so through a trust based approach, is a critical step in improving the security and effectiveness of IoT ecosystems. This method uses artificial intelligence to dynamically modify access rules according to trust levels, thereby lowering potential security risks and unauthorized access. This is important given the quickly developing IoT ecosystem. By placing a strong focus on trust, a more sophisticated and contextually aware system is established, enabling adaptive decision-making that keeps up with the changing nature of interactions between devices. The suggested framework supports innovation and dependability in the implementation of edge computing solutions while strengthening the defence against cyber threats and laying the foundation for a more robust and reliable Internet of Things infrastructure as the digital world grows more interconnected. Declarations Funding The current Research work does not received any funding. Author Contribution Author1: Dr. Saranya R, wrote the main ManuscriptAuthor1: Dr. Suresh G, Prepared the list of Tables and Figures References https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/ Bao, F.; Chen, I.-R.; Guo, J. Scalable, adaptive and survivable trust management for community of interest based Internet of Things systems. In Proceedings of the 2013 IEEE Eleventh International Symposium on Autonomous Decentralized Systems (ISADS), Mexico City, Mexico, 6–8 March 2013; pp. 1–7. Renubala, S.; Dhanalakshmi, K.S. Trust based secure routing protocol using fuzzy logic in wireless sensor networks. In Proceedings of the 2014 IEEE International Conference on Computational Intelligence and Computing Research, Coimbatore, India, 18–20 December 2014; pp. 1–5. Nitti, M.; Girau, R.; Atzori, L. Trustworthiness Management in the Social Internet of Things. IEEE Trans. Knowl. Data Eng. 2014, 26, 1253–1266. Che, S.; Feng, R.; Liang, X.; Wang, X. A lightweight trust management based on Bayesian and Entropy for wireless sensor networks. Secur. Commun. Netw. 2015, 8, 168–175. Mendoza, C.V.L.; Kleinschmidt, J.H. Mitigating On-Off Attacks in the Internet of Things Using a Distributed Trust Management Scheme. Int. J. Distrib. Sens. Netw. 2015, 11, 859731. Chen, I.-R.; Guo, J.; Bao, F. Trust Management for SOA-Based IoT and Its Application to Service Composition. IEEE Trans. Serv. Comput. 2016, 9, 482–495. Rajesh, G.; Raajini, X.M.; Vinayagasundaram, B. Fuzzy trust-based aggregator sensor node election in internet of things. Int. J. Internet Protoc. Technol. 2016, 9, 151. Asiri, S.; Miri, A. An IoT trust and reputation model based on recommender systems. In Proceedings of the 2016 14th Annual Conference on Privacy, Security and Trust (PST), Auckland, New Zealand, 12–14 December 2016; pp. 561–568. Alshehri, M.D.; Hussain, F.K. A centralized trust management mechanism for the internet of things (ctm-iot). In International Conference on Broadband and Wireless Computing, Communication and Applications; Springer: New York, NY, USA, 2017. Alshehri, M.D.; Hussain, F.K.; Hussain, O.K. Clustering-driven intelligent trust management methodology for the internet of things (CITM-IoT). Mob. Netw. Appl. 2018, 23, 419–431. Jayasinghe, U.; Lee, G.M.; Um, T.-W.; Shi, Q. Machine Learning Based Trust Computational Model for IoT Services. IEEE Trans. Sustain. Comput. 2019, 4, 39–52. Alshehri, M.D.; Hussain, F.K. A fuzzy security protocol for trust management in the internet of things (Fuzzy-IoT). Computing 2019, 101, 791–818. Khalil, A.; Mbarek, N.; Togni, O. Fuzzy Logic Based Security Trust Evaluation for IoT Environments. In Proceedings of the 2019 IEEE/ACS 16th International Conference on Computer Systems and Applications (AICCSA), Abu Dhabi, United Arab Emirates, 3–7 November 2019; pp. 1–8. Masmoudi, M.; Abdelghani, W.; Amous, I.; Sèdes, F. Deep Learning for Trust-Related Attacks Detection in Social Internet of Things. In Evolutionary Computing and Mobile Sustainable Networks; Springer: Singapore, 2020; pp. 389–404. Wang, B.; Li, M.; Jin, X.; Guo, C. A Reliable IoT Edge Computing Trust Management Mechanism for Smart Cities. IEEE Access 2020, 8, 46373–46399. Hankare, P.; Babar, S.; Mahalle, P. Trust Management Approach for Detection of Malicious Devices in SIoT. Teh. Glas. 2021, 15, 43–50. Devi Priya, Sibi Chakkaravarthy Sethuraman, Muhammad Khurram Khan, “Container Security: Precaution levels, Mitigation Strategies, and Research Perspectives\", Computers & Security, Elsevier, vol. 135, 103490, 2023. Ba-Hutair, M.N.; Bouguettaya, A.; Neiat, A.G. Multi-Perspective Trust Management Framework for Crowdsourced IoT Services. IEEE Trans. Serv. Comput. 2021, 1. Lingda, K.; Feng, Z.; Yingjie, Z.; Nan, Q.; Dashuai, L.; Shaotang, C. Evaluation method of trust degree of distribution IoT terminal equipment based on information entropy. J. Phys. Conf. Ser. 2021, 1754, 012108. Zheng, G.; Gong, B.; Zhang, Y. Dynamic Network Security Mechanism Based on Trust Management in Wireless Sensor Networks. Wirel. Commun. Mob. Comput. 2021, 2021, 6667100. Gopinath M, Sibi Chakkaravarthy Sethuraman, “A comprehensive survey on deep learning based malware detection techniques”, Computer Science Review, Vol. 47, February 2023, Elsevier. Sengupta, J., Goswami, A., Roy, S., & Das, S. K. (2019). Access control mechanisms for IoT devices: A survey. In 2019 5th International Conference on Information Systems Architecture and Technology (ISAT) (pp. 1-7). IEEE. Chen, R., Xu, H., Li, W., & Jin, H. (2020). A survey of access control models for the internet of things. IEEE Access, 8, 93405-93423. Wang, L., Xu, J., Yang, Y., & Wang, F. (2022). Challenges and opportunities of access control in edge computing for the internet of things. IEEE Internet of Things Magazine, 5(5), 39-47. Amini, M. H., Farzanehfar, A., & Dehkordi, M. K. (2023). Machine learning-based access control mechanisms for internet. Devi Priya V S, Sibi Chakkaravarthy Sethuraman, “Containerized cloud-based honeypot deception for tracking attackers”, Scientific Reports, Nature, 2023. Sibi Chakkaravarthy Sethuraman, Aditya Mitra, Kuan-Ching Li, Anisha Ghosh, M Gopinath, Nitin Sukhija, \"Loki: A Physical Security Key Compatible IoT Based Lock for Protecting Physical Assets\", Vol. 10, Pages. 112721-112730, IEEE Access, 2023. Additional Declarations No competing interests reported. Cite Share Download PDF Status: Posted Version 1 posted You are reading this latest preprint version Research Square lets you share your work early, gain feedback from the community, and start making changes to your manuscript prior to peer review in a journal. As a division of Research Square Company, we’re committed to making research communication faster, fairer, and more useful. We do this by developing innovative software and high quality services for the global research community. Our growing team is made up of researchers and industry professionals working together to solve the most critical problems facing scientific publishing. Also discoverable on Platform About Our Team In Review Editorial Policies Advisory Board Help Center Resources Author Services Accessibility API Access RSS feed Manage Cookie Preferences © Research Square 2026 | ISSN 2693-5015 (online) Privacy Policy Terms of Service Do Not Sell My Personal Information {\"props\":{\"pageProps\":{\"initialData\":{\"identity\":\"rs-6757754\",\"acceptedTermsAndConditions\":true,\"allowDirectSubmit\":true,\"archivedVersions\":[],\"articleType\":\"Research Article\",\"associatedPublications\":[],\"authors\":[{\"id\":502688927,\"identity\":\"4f0ffcf6-b02e-4b04-8bc4-39882eaa720c\",\"order_by\":0,\"name\":\"Saranya R\",\"email\":\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAAyAQMAAABI0h/eAAAABlBMVEX///8AAABVwtN+AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAA9ElEQVRIiWNgGAWjYDADNjBZAcTMzA1EagHrOQPSwkikFrA1jG0gFgEt8u1nH34ubLNj4JPvTnzwc15tNH87UMuPim04tRicSTeWntmWDHQY72bD3m3Hc2ccZmxg7DlzG7cWhjQGad42ZpCWbdKM247lNgC1MDO24dYi3/+M+TdvWz1Iy/bfjHOO5c4npIXhRhob0JbDYFuAYVWTu4GQFoMbz9isec4d52Fjy90s2XPsQO5GoJaD+Pwi35/GfJunrFpOvvnsxg8/aupy550/fPDBjwo8DgMBRjYGHijzMJg8gF89CPyBs+oIKx4Fo2AUjIIRBwAOAFKN5Fz2/gAAAABJRU5ErkJggg==\",\"orcid\":\"\",\"institution\":\"Vel Tech Rangarajan Dr. Sagunthala R\\u0026D Institute of Science and Technology\",\"correspondingAuthor\":true,\"prefix\":\"\",\"firstName\":\"Saranya\",\"middleName\":\"\",\"lastName\":\"R\",\"suffix\":\"\"},{\"id\":502688928,\"identity\":\"496fd8c6-1c2c-4602-ab58-5af3851e8985\",\"order_by\":1,\"name\":\"Suresh G\",\"email\":\"\",\"orcid\":\"\",\"institution\":\"Rajalakshmi Institute of Technology\",\"correspondingAuthor\":false,\"prefix\":\"\",\"firstName\":\"Suresh\",\"middleName\":\"\",\"lastName\":\"G\",\"suffix\":\"\"}],\"badges\":[],\"createdAt\":\"2025-05-27 09:23:32\",\"currentVersionCode\":1,\"declarations\":\"\",\"doi\":\"10.21203/rs.3.rs-6757754/v1\",\"doiUrl\":\"https://doi.org/10.21203/rs.3.rs-6757754/v1\",\"draftVersion\":[],\"editorialEvents\":[],\"editorialNote\":\"\",\"failedWorkflow\":false,\"files\":[{\"id\":89820032,\"identity\":\"f4a01258-e5a4-4642-acf8-c0e7ae89c777\",\"added_by\":\"auto\",\"created_at\":\"2025-08-25 11:19:15\",\"extension\":\"png\",\"order_by\":1,\"title\":\"Figure 1\",\"display\":\"\",\"copyAsset\":false,\"role\":\"figure\",\"size\":189074,\"visible\":true,\"origin\":\"\",\"legend\":\"\\u003cp\\u003eProposed Trust based AI driven dynamic access control Architecture\\u003c/p\\u003e\",\"description\":\"\",\"filename\":\"1.png\",\"url\":\"https://assets-eu.researchsquare.com/files/rs-6757754/v1/b351d6091b4e87e6f909655f.png\"},{\"id\":89820033,\"identity\":\"3b1caf53-4911-42c0-b45f-fc7e67f2ee33\",\"added_by\":\"auto\",\"created_at\":\"2025-08-25 11:19:15\",\"extension\":\"png\",\"order_by\":2,\"title\":\"Figure 2\",\"display\":\"\",\"copyAsset\":false,\"role\":\"figure\",\"size\":145315,\"visible\":true,\"origin\":\"\",\"legend\":\"\\u003cp\\u003eExperimental Setup executed for the current research\\u003c/p\\u003e\",\"description\":\"\",\"filename\":\"2.png\",\"url\":\"https://assets-eu.researchsquare.com/files/rs-6757754/v1/60dc737e28c5fb75547ea5c8.png\"},{\"id\":89820842,\"identity\":\"e75cfb64-d0c7-42d1-9d72-c8bebfd9730a\",\"added_by\":\"auto\",\"created_at\":\"2025-08-25 11:27:15\",\"extension\":\"png\",\"order_by\":3,\"title\":\"Figure 3\",\"display\":\"\",\"copyAsset\":false,\"role\":\"figure\",\"size\":90157,\"visible\":true,\"origin\":\"\",\"legend\":\"\\u003cp\\u003eFig.2 Top attacks detected by Wazuh IDR platform\\u003c/p\\u003e\",\"description\":\"\",\"filename\":\"3.png\",\"url\":\"https://assets-eu.researchsquare.com/files/rs-6757754/v1/b5dd2d7989675eff0c18c077.png\"},{\"id\":89820995,\"identity\":\"48908110-27ef-4ad4-b6cf-0a27379c2047\",\"added_by\":\"auto\",\"created_at\":\"2025-08-25 11:35:15\",\"extension\":\"png\",\"order_by\":4,\"title\":\"Figure 4\",\"display\":\"\",\"copyAsset\":false,\"role\":\"figure\",\"size\":38178,\"visible\":true,\"origin\":\"\",\"legend\":\"\\u003cp\\u003eFig. 3 File integration checks\\u003c/p\\u003e\",\"description\":\"\",\"filename\":\"4.png\",\"url\":\"https://assets-eu.researchsquare.com/files/rs-6757754/v1/1ad7f3d4d6799db5f9e329de.png\"},{\"id\":89820037,\"identity\":\"f5c161a3-66d8-48ef-be52-46fc968eb7d0\",\"added_by\":\"auto\",\"created_at\":\"2025-08-25 11:19:15\",\"extension\":\"png\",\"order_by\":5,\"title\":\"Figure 5\",\"display\":\"\",\"copyAsset\":false,\"role\":\"figure\",\"size\":27964,\"visible\":true,\"origin\":\"\",\"legend\":\"\\u003cp\\u003eFig. 4 Added \\u0026amp; Modified data fields under attack conditions with AI-ACLs\\u003c/p\\u003e\",\"description\":\"\",\"filename\":\"5.png\",\"url\":\"https://assets-eu.researchsquare.com/files/rs-6757754/v1/e747f4e0610b47561e1d5a32.png\"},{\"id\":89820848,\"identity\":\"0e218876-c3e9-4866-8bec-fa87d16f4144\",\"added_by\":\"auto\",\"created_at\":\"2025-08-25 11:27:15\",\"extension\":\"png\",\"order_by\":6,\"title\":\"Figure 6\",\"display\":\"\",\"copyAsset\":false,\"role\":\"figure\",\"size\":38343,\"visible\":true,\"origin\":\"\",\"legend\":\"\\u003cp\\u003eFig.5. Vulnerabilities detected for the current experimental use cases.\\u003c/p\\u003e\",\"description\":\"\",\"filename\":\"6.png\",\"url\":\"https://assets-eu.researchsquare.com/files/rs-6757754/v1/5fce4c2dc2f3101bb29df010.png\"},{\"id\":89820039,\"identity\":\"6faa74ed-2ae5-4473-97c3-5b26764e0cad\",\"added_by\":\"auto\",\"created_at\":\"2025-08-25 11:19:15\",\"extension\":\"png\",\"order_by\":7,\"title\":\"Figure 7\",\"display\":\"\",\"copyAsset\":false,\"role\":\"figure\",\"size\":58742,\"visible\":true,\"origin\":\"\",\"legend\":\"\\u003cp\\u003eFig.6 Current experimental use cases security assessment status.\\u003c/p\\u003e\",\"description\":\"\",\"filename\":\"7.png\",\"url\":\"https://assets-eu.researchsquare.com/files/rs-6757754/v1/d699868866bc234e0fa047fa.png\"},{\"id\":92349129,\"identity\":\"59a962a1-1bc2-4ad2-b2a9-e91881506521\",\"added_by\":\"auto\",\"created_at\":\"2025-09-28 10:31:38\",\"extension\":\"pdf\",\"order_by\":0,\"title\":\"\",\"display\":\"\",\"copyAsset\":false,\"role\":\"manuscript-pdf\",\"size\":1684983,\"visible\":true,\"origin\":\"\",\"legend\":\"\",\"description\":\"\",\"filename\":\"manuscript.pdf\",\"url\":\"https://assets-eu.researchsquare.com/files/rs-6757754/v1/7405fbbe-9bbb-43f1-83ee-3c9badcdda64.pdf\"}],\"financialInterests\":\"No competing interests reported.\",\"formattedTitle\":\"AI-Driven Dynamic Access Control for IoT Devices at the Edge: A Trust-based Approach\",\"fulltext\":[{\"header\":\"I. INTRODUCTION\",\"content\":\"\\u003cp\\u003eThe Internet of Things (IoT) is one of the most important cutting edge technologies, with its growth and adoption rapidly expanding across all areas of society. From industrial applications to smart home systems, IoT is becoming an integral part of everyday life [1]. The extensive use of IoT has led to thrilling progressions, including faster response times, efficient data transfer, and improved decision-making processes on connected devices. However, a critical challenge lies in safeguarding the massive amounts of data generated by IoT devices. Without operative protection mechanisms, this data becomes highly susceptible to attacks, posing severe security threats from multiple directions and perchance leading to devastating consequences.\\u003c/p\\u003e\\n\\u003cp\\u003eTraditional access control systems often encounter significant challenges in managing access mechanisms effectively. In these systems, all device data is typically stored in cloud environments, which are inherently more vulnerable to cyberattacks. As a result, data integrity is frequently compromised. Furthermore, the distributed nature of cloud systems increases the risk of data breaches, making it difficult to enforce static access permissions reliably. Conventional models, such as Role-Based Access Control (RBAC), struggle to address complex and evolving threat scenarios, functioning more as blunt tools that can only manage refined or simple access requirements. Additionally, the growing scale of edge systems and the need for dynamic access control at the edge have rendered manual administration increasingly complicated and inefficient [28].\\u003c/p\\u003e\\n\\u003cp\\u003eEdge-based IoT devices are on the verge of exposure due to this gap between older solutions and the changing threat landscape. Unexpected weaknesses, such as gaps in the armour, provide opportunities for bad actors to enter the scene. Unexpected and quick zero day attacks take advantage of incorrectly specified permissions to destroy data and functionality. Insider dangers lurk in the shadows, using their master keys stolen credentials to unlock mayhem. The consequences are severe and include all from the strange possibility of compromised critical infrastructure to the theft of personal data.\\u003c/p\\u003e\\n\\u003cp\\u003eAI-driven dynamic access control is an effective solution for handling access permissions and protecting information against vulnerabilities. This approach is particularly well suited for edge computing environments, as numerous IoT devices and gadgets are connected to edge networks; they generate large volume of data regularly, monitor device authorization, real time risks, and trust validations manually. To address these challenges, dynamically adjusting access permissions based on real time analytics and historical behavioral of data becomes vital. This process not only reduces the risk of unauthorized data access but also strengthens the overall trustworthiness of connected IoT devices.\\u003c/p\\u003e\\n\\u003cp\\u003eThis architecture is built based on trust and the fundamental fabric of access control. Systematically built communication routes would act as secure wall, guarding the data flow. Device IDs would be carefully checked to make sure that only authorised devices are using the network. Devices, users, and the edge gateway would be linked through a robust and intricate network of trust, forming a consistent barrier against forthcoming threats.\\u003c/p\\u003e\\n\\u003cp\\u003eIn this safe environment, gadgets do not exist in isolation. They would learn from one another in this symphony of collective defence, exchanging knowledge and experiences to fortify the perimeter. The edge gateway would act as a watchful sentinel, coordinating access decisions and utilising AI-powered analysis and real-time data to nimbly and accurately enforce policies. However, the human factor still matters most, even in the face of AI\\u0026apos;s genius and trust\\u0026apos;s unwavering stability. The goal is to strengthen human judgment by providing it with real-time data and AI-driven insights, rather than replacing it [26]. Humans would become knowledgeable sentinels with smart dashboards and clear visualisations, their experience and intuition directing the entire security posture, prepared to step in when needed, and driving the network towards an unbreakable resilience.\\u003c/p\\u003e\\n\\u003cp\\u003eBy adopting a trust-based strategy and embracing AI-driven dynamic access management, we can both mitigate the inherent risks and realise the limitless promise of edge computing. This is a revolution in the security paradigm, not just a technical achievement, driven by an unshakable commitment to safeguarding our increasingly interconnected world and forged in the furnace of innovation [27]. This is about protecting privacy, building trust, and laying the groundwork for a time when the advantages of the edge will flourish without having to worry about ominous shadows. It\\u0026apos;s not just about protecting data and vital infrastructure.\\u003c/p\\u003e\\n\\u003cp\\u003eThe major contributions of this research work are as follows:\\u003c/p\\u003e\\n\\u003col\\u003e\\n \\u003cli\\u003eSecurity Reinforcement:\\u0026nbsp;Unauthorized access and device trust can be analyzed based on the continuous adjustment of access permissions in real time analysis of devices using AI-driven approach.\\u003c/li\\u003e\\n \\u003cli\\u003eContext-Aware Access:\\u0026nbsp;The IoT devices trust based approach ensures the security of the devices; the decision for accessing the devices can be made based on the dynamic access control rules.\\u003c/li\\u003e\\n \\u003cli\\u003eInfrastructure Resilience: The framework facilitates a resilient Internet of Things infrastructure by enabling adaptive access controls that respond to the fluidity of edge computing environments, preventing disruptions caused by compromised or erratic devices.\\u003c/li\\u003e\\n \\u003cli\\u003eTrust Promotion: By promoting a transparent and dependable culture inside the IoT ecosystem, the trust-focused strategy helps users feel more confident about their devices and, in turn, makes it easier for secure edge computing solutions to be widely adopted.\\u003c/li\\u003e\\n\\u003c/ol\\u003e\\n\\u003cp\\u003e\\u0026nbsp;The rest of the paper is categorized into the following sections: Section II explains the background and related recent works; Section III describes the proposed system and its working details; and Section IV exhibits the experimental setup, results and at the end conclusion and future work.\\u003c/p\\u003e\"},{\"header\":\"II. BACKGROUND AND RELATED WORKS\",\"content\":\"\\u003cp\\u003eThe proliferation of edge-based Internet of Things devices necessitates a paradigm shift in security. The distributed architecture and dynamic nature of the edge make it difficult for traditional access control systems, which were created for centralised cloud settings, to function well. This section establishes the foundation for our suggested methodology by exploring the shortcomings of current frameworks and pertinent research on AI-driven and trust-based solutions. Table 1 depicts the comparison between traditional access control approaches and AI-driven dynamic access control approaches based on general features.\\u003c/p\\u003e\\n\\u003cp\\u003eTable.1 Comparison of Access Control Approaches for Edge-Based IoT Devices\\u003c/p\\u003e\\n\\u003ctable border=\\\"1\\\" cellspacing=\\\"0\\\" cellpadding=\\\"0\\\" width=\\\"605\\\"\\u003e\\n \\u003ctbody\\u003e\\n \\u003ctr\\u003e\\n \\u003ctd style=\\\"width: 108px;\\\"\\u003e\\n \\u003cp\\u003e\\u003cstrong\\u003eFeature\\u003c/strong\\u003e\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 242px;\\\"\\u003e\\n \\u003cp\\u003e\\u003cstrong\\u003eTraditional Access Control\\u003c/strong\\u003e\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 255px;\\\"\\u003e\\n \\u003cp\\u003e\\u003cstrong\\u003eAI-Driven Dynamic Access Control\\u003c/strong\\u003e\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003c/tr\\u003e\\n \\u003ctr\\u003e\\n \\u003ctd style=\\\"width: 108px;\\\"\\u003e\\n \\u003cp\\u003eApproaches\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 242px;\\\"\\u003e\\n \\u003cp\\u003eStatic authorization and role-based frameworks\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 255px;\\\"\\u003e\\n \\u003cp\\u003eDynamic policy adaptation, risk assessment, and anomaly detection\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003c/tr\\u003e\\n \\u003ctr\\u003e\\n \\u003ctd style=\\\"width: 108px;\\\"\\u003e\\n \\u003cp\\u003eApplicability\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 242px;\\\"\\u003e\\n \\u003cp\\u003eCentralized cloud environments\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 255px;\\\"\\u003e\\n \\u003cp\\u003eSituations involving distributed edge computing\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003c/tr\\u003e\\n \\u003ctr\\u003e\\n \\u003ctd style=\\\"width: 108px;\\\"\\u003e\\n \\u003cp\\u003eAdaptability\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 242px;\\\"\\u003e\\n \\u003cp\\u003eUnchangeable and sluggish to adapt\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 255px;\\\"\\u003e\\n \\u003cp\\u003eReal-time adaptation to shifting circumstances and threats\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003c/tr\\u003e\\n \\u003ctr\\u003e\\n \\u003ctd style=\\\"width: 108px;\\\"\\u003e\\n \\u003cp\\u003eScalability\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 242px;\\\"\\u003e\\n \\u003cp\\u003eInsufficient scalability for extensive networks\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 255px;\\\"\\u003e\\n \\u003cp\\u003eManaging dispersed edge installations with efficiency\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003c/tr\\u003e\\n \\u003ctr\\u003e\\n \\u003ctd style=\\\"width: 108px;\\\"\\u003e\\n \\u003cp\\u003eLatency\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 242px;\\\"\\u003e\\n \\u003cp\\u003eHigh latency in decision-making\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 255px;\\\"\\u003e\\n \\u003cp\\u003eReal-time access decisions at the edge\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003c/tr\\u003e\\n \\u003ctr\\u003e\\n \\u003ctd style=\\\"width: 108px;\\\"\\u003e\\n \\u003cp\\u003eHuman involvement\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 242px;\\\"\\u003e\\n \\u003cp\\u003eManual setup and administration\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 255px;\\\"\\u003e\\n \\u003cp\\u003eHuman supervision for direction and assistance\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003c/tr\\u003e\\n \\u003ctr\\u003e\\n \\u003ctd style=\\\"width: 108px;\\\"\\u003e\\n \\u003cp\\u003eResource considerations\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 242px;\\\"\\u003e\\n \\u003cp\\u003eMinimal resource requirements\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 255px;\\\"\\u003e\\n \\u003cp\\u003eRequires specialized AI processing power on edge devices\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003c/tr\\u003e\\n \\u003ctr\\u003e\\n \\u003ctd style=\\\"width: 108px;\\\"\\u003e\\n \\u003cp\\u003eTransparency\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 242px;\\\"\\u003e\\n \\u003cp\\u003eBasic guidelines that might not be easily explained\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 255px;\\\"\\u003e\\n \\u003cp\\u003eReasonable AI choices for comprehension and confidence\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003c/tr\\u003e\\n \\u003ctr\\u003e\\n \\u003ctd style=\\\"width: 108px;\\\"\\u003e\\n \\u003cp\\u003eChallenges\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 242px;\\\"\\u003e\\n \\u003cp\\u003eRestricted adaptability, open to new threats\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 255px;\\\"\\u003e\\n \\u003cp\\u003eCombining AI with edge resource limitations while maintaining explainability.\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003c/tr\\u003e\\n \\u003ctr\\u003e\\n \\u003ctd style=\\\"width: 108px;\\\"\\u003e\\n \\u003cp\\u003eBenefits\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 242px;\\\"\\u003e\\n \\u003cp\\u003eEasy to set up and maintain\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003ctd style=\\\"width: 255px;\\\"\\u003e\\n \\u003cp\\u003eLessens dangers and enhances security in dynamic settings.\\u003c/p\\u003e\\n \\u003c/td\\u003e\\n \\u003c/tr\\u003e\\n \\u003c/tbody\\u003e\\n\\u003c/table\\u003e\\n\\u003cp\\u003eUsing trust oriented systems handle the issues brought up by uncertain IoT devices and services is one of the more popular trend. As an illustration, the research in [2] proposed a protocol concentrating the important elements that are community interests, honesty, and cooperativeness [25]. With the help of this protocol, new nodes are created with the strong trust relationships with other nodes and managing the in unsafe situations. To obtain secured routing, a fuzzy logic-based trust approach is proposed in [3]. The suggested method computes the nodes trust using fuzzy logic and the Bio inspired Energy Efficient Cluster (BEE-C) protocol. The flooding attack and black hole are located and eliminated using this protocol the threshold value and the trust value are differentiated. Packets are routed through nodes, if the trust values are higher than the threshold, which shows that the nodes are trustworthy nodes. A node trust value is below the threshold means deemed untrustworthy and is removed. The recommended method performs the game theory, fuzzy with trust (LEACH), in terms of packet delivery ratio concentrates less overhead, packet loss and delay.\\u003c/p\\u003e\\n\\u003cp\\u003eIn order to create a reliable system with regard to the routine of the objects, the authors of [4] combined two models the subject and the object. To adjust behavior dynamically, each node in the first model figured its friends based on its experiences and the friends\\u0026apos; shared beliefs with the possible suppliers. The alternative paradigm, the same data was assigned to and kept on each node using a Distributed Hash Table structure, allowing any node to use the data. The research by [5] created a straightforward model for managing trust that was based on entropy and the Bayesian principle. The entropy theory assigns weights to different trust values, which might exacerbate problems brought on by arbitrary weight distribution while also enhancing model flexibility.\\u003c/p\\u003e\\n\\u003cp\\u003eDistributed trust management paradigm for the Internet of Things was shaped by [6]. Detecting malicious node activity and averting any on-off attacks the model consists of three phases trust computation, neighbour finding, and service request. A trust propagation model was created by [7] the model used social contact, similarity ratings of friendship, and interest ties with the community as the filters and dispersed collaborative filtering to arrive at the feedback. [8] The first investigation, the nodes\\u0026apos; trust was calculated using fuzzy logic and the Bio-inspired Energy Efficient-Cluster (BEE-C) protocol. A study by [9] proposed a probabilistic neural network (PNN)-based IoT recommendation approach based on reputation. The resolution of the experiment was to identify trustworthy and untrustworthy nodes on IoT edge policies.\\u003c/p\\u003e\\n\\u003cp\\u003eCentral Trust management framework (CTM IoT) was proposed by the authors of [10] to enable dependable information sharing between IoT devices. A super node that functioned as a centralised trust manager was part of the concept. The super node kept the trust data from all master nodes and cluster nodes in the central repository. Additionally, the super-node was in charge of keeping an eye on a variety of tasks across all IoT devices, including network traffic and trust management. The master node trust values and addresses were also stored in a repository on the super node. The repository managed every device in the CTM IoT framework by acting as a routing table, logging reliable data along with the network architecture and selecting which devices needed to join which cluster.\\u003c/p\\u003e\\n\\u003cp\\u003eSmart algorithms were proposed by a study in [11] to control IoT trust. While the second algorithm established the circumstances under which a cluster node in IoT trust management can be converted to a given new master node, the first algorithm proposed a new clustering approach by computing memory border trust value limits for each cluster. The bad-mouthed attacks are handled by the third algorithm. The fourth algorithm suggested techniques by which master nodes monitor cluster nodes\\u0026apos; trust values and make an effort to move certain cluster nodes away. Additionally, a machine learning-based computational trust model for IoT services was described by [12]. This model employed two methods: (i) support vector machine (SVM) for classification tasks, such as determining the borders of trustworthy and untrustworthy contact, and (ii) k-means for clustering and labeling tasks, such as determining the number of clusters and initial centroid positions.\\u0026nbsp;\\u003c/p\\u003e\\n\\u003cp\\u003eA fuzzy logic based strategy for identifying on-off assaults, behavior attacks that contradict, and other problematic nodes was presented in a follow-up study [13]. Nodes are change strongly between clusters. It is used a messaging system akin to serial transmission for safe message encryption. Fuzzy logic was also used by the protocol to detect malicious nodes and restrict their untrusted ability to provide incorrect suggestions. Research investigation [14] created a model that uses a number of criteria, counting the degree of security in a device, device security, and ownership trust, to calculate the trust level. The users chosen threshold was used to determine the level of trust using the fuzzy logic model. When the trust level is higher than the threshold, IoT service customers can also actively participate in choosing the trustworthy nodes that will be collecting their data.\\u003c/p\\u003e\\n\\u003cp\\u003eA study by [15] proposed a multi-layer perceptron (MLP)-based model for assessing trust. In order to create a secure environment, this model made it possible to identify the many trust-related attacks that malevolent nodes were carrying out and to remove them from the network. A different study by [16] created a dynamic black-and-white list-based selective recommendation system for smart devices. This approach aims to solve the issue of participant selection so that edge computing systems that leverage IoT in smart cities can provide higher-quality services. In order to examine the stability and validity of the suggested trust management system qualitatively, game theory was employed. Comparably, the research in [17] created a method for social IoT device trust management. The strategy was divided into three primary phases: (1) Trust Composition Stage: At this phase, different traits are selected based on the context of the attack. The trustee node was chosen from the group of nodes for the trust computation process based on trust attributes; (2) the trust score was computed using the artificial neural network (ANN) algorithm during the aggregation stage; and (3) the trust score was updated on a regular basis using the time-driven model.\\u003c/p\\u003e\\n\\u003cp\\u003eFurthermore, game theory results were verified using Lyapunov theory. Neural network-based trust architecture was developed in a recent study by [18]. This framework took into account a variety of viewpoints, including those of the owner, the device, and the service, and it examined specific aspects from each perspective, such as the owner\\u0026apos;s social and local context, the device\\u0026apos;s reputation, and the dependability of the service. An information entropy-based trust evaluation approach was recently proposed by [19] in a study to address the problem of trust in the power distribution of Internet of Things communication terminals. The forgetting factor and sliding window updated the direct trust value after the model first calculated it using the reputation of an exponential distribution. The indirect trust value was added to account for errors resulting from the direct trust judgment, and uncertainties in the direct trust value were evaluated. To improve the accuracy of the judgment, the direct and indirect trust values were also thoroughly evaluated. In wireless sensor networks (WSNs), a dynamic trust management technique was suggested by a study done by [20]. First, assessing the node\\u0026apos;s performance through interaction with local data yields the direct trust value of the node. The energy evaluation and trust recommendation value of additional nodes with a high trust level are then used to create the comprehensive trust value. Lastly, there are periodic updates to the node reliability and management.\\u003c/p\\u003e\\n\\u003cp\\u003eIn the face of shifting circumstances and developing dangers, static access control methods that assign devices preset rights prove rigid [21]. In a similar vein, role-based methods, although providing some level of detail, fall short in capturing the subtle differences in device behaviour and the complexities of intricate interactions inside the edge network [22]. The scattered nature of edge deployments is not well-suited for centralised access control systems that are tailored for cloud environments. Real-time decision-making is impeded by scalability and latency concerns, which leave edge devices, open to fast attacks [23]. The AI offers a possible solution to the drawbacks of conventional access control. such as anomaly detection and risk assessment, dynamically modify permissions in response to unstable circumstances and threats [24].\\u003c/p\\u003e\\n\\u003cp\\u003eThe more number of research is required to integrate AI algorithms with edge resource limits. Also, it is imperative to guarantee the simplify capability and openness of AI-driven judgments in order to cultivate acceptance and confidence among human stakeholders. The valuable, current research tends to concentrate on particular facets of AI driven access control.\\u0026nbsp;\\u003c/p\\u003e\\n\\u003cp\\u003eThe important contributions made by earlier research by putting forth a novel framework that combines AI with trust based processes in a way that is both practical and holistic. AI driven dynamic access control for edge based Internet of Things devices is aided by this effort. The creativities may investigate the incorporation of other artificial intelligence methodologies, the establishment of resilient trust management protocols, and the assessment of the structure of actual edge applications.\\u003c/p\\u003e\"},{\"header\":\"III. PROPOSED AI-DRIVEN DYNAMIC ACCESS CONTROL FRAMEWORK\",\"content\":\"\\u003cp\\u003e\\u003cstrong\\u003eA. Proposed Framework\\u003c/strong\\u003e\\u003c/p\\u003e\\n\\u003cp\\u003eThe goal of the proposed architecture is to offer a surrounding and flexible security solution for the distributed and dynamic nature of Internet of Things environments. The architecture is made up of vital parts that collaborate to assurance trust based connections, dynamic access control, and decision making in real time. The proposed architecture is depicted in Figure 1.\\u003c/p\\u003e\\n\\u003cp\\u003eThe IoT devices and sensors that have trust modules installed are the important mechanisms of the architecture. The trust modules are essential to the ongoing assessment of devices trustworthiness because they offer immediate response based on historical data, communication patterns and security protocol conformance.\\u003c/p\\u003e\\n\\u003cp\\u003eThe Edge Computing Layer acts as a bridge between the central processing unit and Internet of Things devices. The AI Driven Access Control Module and local processing units are contained at this level. The edge, real time data analysis is made possible by the local processing units, allowing for quick decision making. Machine learning methods are used in the AI Driven Access Control Module dynamically modifies access permissions according to the trust levels that are provided to distinct devices. This delimited decision making capacity helps the access control process operate more quickly and with less latency.\\u0026nbsp;\\u003c/p\\u003e\\n\\u003cp\\u003eThe essential element that centrally assesses the dependability of IoT devices throughout the ecosystem is the Centralized Trust Evaluation Engine. For constant monitoring, this engine makes use of machine learning algorithms that take into explanation behavioral patterns, historical data and predetermined criteria. It delivers a real time representation of the responsibility of devices by dynamically updating trust scores. Since of its centralized nature, the engine enables a comprehensive understanding of the IoT ecosystem, which helps to improve trust models.\\u0026nbsp;\\u003c/p\\u003e\\n\\u003cp\\u003eThe policies and standards for determining and modifying trust levels are outlined in the Policy Management component. Policies can be personalized by managers to meet the unique needs of edge apps and the IoT ecosystem. The reply to shifts in the trust score is determined by illegal policies, which also include notifications for suspicious activity, access permissions, and the start of corrective procedures. The flexibility and customization of the access control system are assured by this policy driven method.\\u003c/p\\u003e\\n\\u003cp\\u003eDevices, edge layer and the central processing system provide secure communication channels to guard against unwanted access and operation of private data while it is being transferred. This element is essential for preserving the privacy and integrity of data transferred via the Internet of Things.\\u0026nbsp;\\u003c/p\\u003e\\n\\u003cp\\u003eMonitoring dashboard the Centralized Checking and Analytics component gives managers a thorough accepting of the IoT ecosystem. The systems security state is kept up to date for managers with the use of real time trust scores, access logs and alerts. The use of analytics tools, historical data may be mined for insights that can be applied to continuously improve trust models and access control rules completed time. In conclusion, the suggested architecture combines trust based processes with AI driven dynamic access control, utilising edge computing to provide dispersed enforcement and real time decision making. By addressing the particular difficulties brought about by the dynamic nature of IoT surroundings this design improves the security, flexibility and dependability of IoT devices at the edge.\\u003c/p\\u003e\\n\\u003cp\\u003eA major step towards improving the security and effectiveness of IoT ecosystems is the combination of AI driven dynamic access management for IoT devices at the edge, especially when done so using a trust based strategy. This approach reduces potential security risks and unauthorized access by utilizing artificial intelligence to dynamically adjust access rules based on trust levels. By placing a strong focus on trust a more sophisticated and contextually aware system is established, enabling adaptive decision making that keeps up with the changing nature of interactions between devices. This framework supports innovation and dependability in the implementation of edge computing solutions while reinforcement the defence against cyber threats and setting the foundation for a more robust and reliable Internet of Things infrastructure as the digital world grows more interconnected. \\u0026nbsp;\\u003c/p\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eB. Role of AI driven in the access control process including anomaly detection, risk assessment and dynamic policy adaptation.\\u003c/strong\\u003e\\u003c/p\\u003e\\n\\u003cp\\u003eAI driven approach which includes features like anomaly detection, risk assessment and dynamic policy adaption is needed to the access control procedure. An account of how AI disturbs each of these factors is provided below:\\u003c/p\\u003e\\n\\u003cp\\u003e\\u0026nbsp;\\u003c/p\\u003e\\n\\u003col\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eAnomaly Detection:\\u003c/strong\\u003e\\u0026nbsp;\\u003col style=\\\"list-style-type: lower-alpha;\\\"\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eFunction:\\u003c/strong\\u003e AI shows a key role in spotting unusual activity in the Internet of Things setting. It practices machine learning techniques to create baselines of typical behavior for each device. Any departures from these designs are noted as irregularities, which may be a sign of abnormalities or security risks.\\u003c/li\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eProcedure:\\u003c/strong\\u003e The AI system learns patterns of usual behaviour by constantly analysing incoming data from IoT devices. Abnormalities are used to show possible security concerns by locale off alarms or changing the devices trust score.\\u003c/li\\u003e\\n \\u003c/ol\\u003e\\n \\u003c/li\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eRisk Assessment:\\u0026nbsp;\\u003c/strong\\u003e\\n \\u003col style=\\\"list-style-type: lower-alpha;\\\"\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eRole:\\u003c/strong\\u003e AI assesses each IoT devices risk by taking into account a number of variables, including past practice patterns, authentication information and contextual ecofriendly information. AI assesses these factors and gives each device a trust score that represents the degree of assurance in its dependability.\\u003c/li\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eProcedure:\\u003c/strong\\u003e The AI driven risk assessment demands looking at the context of the devices interactions, assessing the devices submission with security protocols and analyzing patterns over time. The system is able to alter shifting conditions and new threats to this dynamic review.\\u003c/li\\u003e\\n \\u003c/ol\\u003e\\n \\u003c/li\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eDynamic Policy Adaptation\\u003c/strong\\u003e\\n \\u003col style=\\\"list-style-type: lower-alpha;\\\"\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eRole:\\u003c/strong\\u003e AI marks it easier for access control rules to change dynamically in response to assessments of device dependability made in real time. Because of its adaptability, access permissions can be dynamically changed to reflect changes in the security landscape, environment or device behavior.\\u003c/li\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eProcedure:\\u003c/strong\\u003e Artificial Intelligence constantly tracks IoT device trust scores and compares them to reestablished access control settings. The AI system dynamically modifies the policies controlling a devices access rights in response to changes in the devices trust level either positively or undesirably. For instance access to a device may be restricted until the anomaly is fixed if it shows suspicious behavior.\\u003c/li\\u003e\\n \\u003c/ol\\u003e\\n \\u003c/li\\u003e\\n\\u003c/ol\\u003e\\n\\u003cp\\u003eArtificial Intelligence functions as a practical and flexible component in the access control procedure for edge IoT devices. It improves security by identifying anomalies, assessing risks and dynamically adjusting access control policies by utilizing machine learning techniques. A more reactive and context aware system is made possible by this trust based method, which is essential for protecting the diverse and dynamic contexts in which Internet of Things devices function.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eC. Trust formation between devices, users and the edge gateway\\u003c/strong\\u003e\\u003c/p\\u003e\\n\\u003cp\\u003eThe basis of trust based access control is the development and continuing assessment of trust connections between users, devices and the edge gateway. Ensuring the security and reliability of IoT ecosystems requires this strategy. Here is a detailed conversation:\\u003c/p\\u003e\\n\\u003col\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eTrust Formation Between Devices\\u003c/strong\\u003e\\u003c/li\\u003e\\n\\u003c/ol\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eDynamic Trust Scores:\\u003c/strong\\u003e Dynamic trust scores are allocated to specific IoT devices based on their behavior, past interactions and submission with security regulations. This is known as trust based access control. These devices data are continuously analyzed by machine learning algorithms, which modify trust scores in real time.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eBehavioral Analysis:\\u003c/strong\\u003e Each devices behavioral pattern is examined in order to build trust. Advanced trust scores are given to devices that consistently behave as expected over time devices that deviate from regular patterns may have their trust scores adapted accordingly.\\u003c/p\\u003e\\n\\u003col start=\\\"2\\\"\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eEstablishing Trust Between Users and Devices\\u003c/strong\\u003e\\u003c/li\\u003e\\n\\u003c/ol\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eUser Authentication and Authorization:\\u003c/strong\\u003e Trust based access control proceeds users dependability while dealing with IoT devices into account as well. User identities are confirmed via authentication techniques, and their authorization is dependent on the levels of trust provided to the user and the device being accessed.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eContext Aware Access:\\u003c/strong\\u003e This notion goes a step further by taking user device interactions into account. A user may be more trusted for instance, if they access an IoT device from a known secure location. However if they attempt to access the device from an unknown or doubtful place their degree of trust may be reduced.\\u003c/p\\u003e\\n\\u003col start=\\\"3\\\"\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eForming Trust Between Devices and Edge Gateway\\u003c/strong\\u003e\\u003c/li\\u003e\\n\\u003c/ol\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eSecure Communication Channels:\\u003c/strong\\u003e Secure communication channels help to create trust between IoT devices and the edge gateway. Common trust is boosted by encryption measures which guarantee the privacy and integrity of data transferred between devices and the edge gateway.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eAuthentication Protocols:\\u003c/strong\\u003e Before any data exchange takes place, devices authenticate themselves to the edge gateway using strong authentication protocols. The completion of various authentication procedures may have an impact on trust levels.\\u003c/p\\u003e\\n\\u003col start=\\\"4\\\"\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eConstant Trust Assessment\\u003c/strong\\u003e\\u003c/li\\u003e\\n\\u003c/ol\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eReal Time Surveillance:\\u003c/strong\\u003e Trust based access control is dependent on ongoing reflection and assessment. With real time data analysis the AI powered system dynamically updates trust scores, enabling quick reactions to changes in device behavior or security circumstances.\\u003c/p\\u003e\\n\\u003col start=\\\"5\\\"\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eTrust Based Access Policy Implementation\\u003c/strong\\u003e\\u003c/li\\u003e\\n\\u003c/ol\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003ePolicy Adaptation:\\u003c/strong\\u003e The application of access policies is guided by trust based access control. While devices with lower trust scores might be subject to more preventive regulations devices with higher trust scores might have more access privileges. Policies that are flexible make sure that the access control system is in line with the trust relationships that exist.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eD. Operation of edge computing skills for real time decision making and distributed administration.\\u003c/strong\\u003e\\u003c/p\\u003e\\n\\u003cp\\u003e\\u0026nbsp; \\u0026nbsp; \\u0026nbsp;The following explains how edge computing is used by the framework to achieve these goals:\\u003c/p\\u003e\\n\\u003col\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eLocal Processing and Real Time Data Analysis\\u003c/strong\\u003e\\u003c/li\\u003e\\n\\u003c/ol\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eEdge Computing Layer:\\u003c/strong\\u003e By placing local processing things at the edge, the framework makes use of edge computing. These devices handle the first data processing, which allows prompt data analysis and filtering made by IoT devices.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eMaking decisions in real time:\\u003c/strong\\u003e At the edge real time data analysis is made possible by the local processing units allowing for quick decision making. This is especially crucial in conditions where there is a time crisis and prompt responses to security events or access demands are needed.\\u003c/p\\u003e\\n\\u003col start=\\\"2\\\"\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eAI Driven Access Control Module\\u003c/strong\\u003e\\u003c/li\\u003e\\n\\u003c/ol\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eEdge Based AI driven Processing:\\u003c/strong\\u003e Using machine learning methods for dynamic access control, the AI Driven Access Control Element functions at the edge. Effective device behavior analysis is made possible by this decentralized approach to AI processing, which does not trust exclusively on centralized systems.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eAdaptive Decision Making:\\u003c/strong\\u003e The framework may adaptively modify access rights based on real time dependability evaluations at the edge. The decision making flexibility improves the access control system\\u0026apos;s responsiveness.\\u003c/p\\u003e\\n\\u003col start=\\\"3\\\"\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eTrust Modules and Continuing Monitoring\\u003c/strong\\u003e\\u003c/li\\u003e\\n\\u003c/ol\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eLocal Trust Valuation:\\u003c/strong\\u003e IoT device related Trust Modules carry out local trust valuations. Decentralization facilitates continuing opinion of device behavior at the edge, which adds to the trust based approach real time feature.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eReduced delay:\\u003c/strong\\u003e Choices are made closer to the data source edge computing reduces delay in the trust evaluation process.\\u003c/p\\u003e\\n\\u003col start=\\\"4\\\"\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eRobustness and Scalability\\u003c/strong\\u003e\\u003c/li\\u003e\\n\\u003c/ol\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eDecentralized Architecture:\\u003c/strong\\u003e By developing edge computing, a decentralized architecture is created which upturns the robustness of the system. The local processing units and AI modules at the edge can withstand access control abilities even in the event of network outages or communication failures.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eScalability:\\u003c/strong\\u003e In spread IoT contexts edge computing permits the scalable deployment of processing units. This scalability is vital to ensure that the framework can handle growing data volumes and access control requests as the number of IoT devices increases. The suggested method guarantees distributed policy enforcement, adaptive access control and real time decision making by combining edge computing capabilities into the framework. This improves the systems scalability and robustness in dynamic IoT contexts in addition to improving security and awareness.\\u003c/p\\u003e\"},{\"header\":\"IV. EXPERIMENTAL SETUP\",\"content\":\"\\u003cp\\u003eThis research endeavor, delve into the realm of AI driven dynamic access control, introducing a trust based approach to reinforce the security posture of IoT networks. Our unique feature of experimentation involves configuring an attacker machine armed with Kali Linux and dual external wireless cards, mimicking real world threat scenarios. Through particular use cases, ranging from unauthorized access attempts to wireless activity rigorously calculate the efficiency of our suggested approach. Figure 2 shows the experimental setup used and executed in this research.\\u0026nbsp;\\u003c/p\\u003e\\n\\u003cp\\u003eThe chokepoint of our experimental framework lies in the deployment of an Inspection firewall governed by AI driven Access Control Lists (ACLs). Enhancing this setup is the combination of Wazuh for real time security monitoring and Kibana for intuitive visualization.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eInfrastructure Configuration\\u0026nbsp;\\u003c/strong\\u003e\\u003c/p\\u003e\\n\\u003cp\\u003eA different array of IoT devices, ranging from sensors to actuators is strategically deployed to simulate a realistic environment. These devices cooperatively represent the intricate network fabric that describes IoT ecosystems. Their deployment contains varied functionalities imitating the complexity encountered in real world situations.\\u003c/p\\u003e\\n\\u003ch4\\u003eEdge Devices\\u003c/h4\\u003e\\n\\u003cp\\u003eThe IoT devices, edge computing devices are strategically placed to efficiently manage and process data. These devices assist as a decentralized computational layer adopting quicker decision making by handling data nearer to its source. This architecture not only enhances latency but also improves the overall efficiency of the IoT network.\\u003c/p\\u003e\\n\\u003ch4\\u003eFirewall\\u003c/h4\\u003e\\n\\u003cp\\u003eThe strategic chokepoint within the network architecture an Inspection firewall is deployed. This firewall assumes a vital role in controlling and monitoring the traffic flow between IoT devices and the broader network. Located as the protector at the gateway, it acts as the first line of defense, inspecting data packets and applying security policies to impede unauthorized access and potential threats.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eImplementation of AI-Driven ACLs\\u003c/strong\\u003e\\u003c/p\\u003e\\n\\u003cp\\u003eThe Inspection firewall is encouraged with AI driven Access Control Lists (ACLs), leveraging advanced machine learning models. These ACLs are not static instead they dynamically adapt based on real time analysis of network performance and the trust levels related with individual devices. This dynamic adjustment mechanism ensures that the security actions are approachable to the developing nature of network conditions and device interactions.\\u003c/p\\u003e\\n\\u003ch4\\u003eSecurity Monitoring and Logging\\u003c/h4\\u003e\\n\\u003ch4\\u003eIncorporation with Wazuh\\u003c/h4\\u003e\\n\\u003cp\\u003eThe Wazuh Security Information and Event Management (SIEM) system is seamlessly integrated into the network architecture. Wazuh provides a robust framework for monitoring security events. It dynamically examines logs, detects potential threats and triggers timely responses enhancing the overall security position of the IoT environment.\\u003c/p\\u003e\\n\\u003ch4\\u003eKibana:\\u003c/h4\\u003e\\n\\u003cp\\u003eKibana is a powerful visualization tool is employed to separate and examine security events indexed by Wazuh. This graphical representation aids researchers and security experts in gaining actionable insights into the nature of security events, identifying patterns and helping informed decision making.\\u003c/p\\u003e\\n\\u003ch4\\u003eAttacker Configuration\\u003c/h4\\u003e\\n\\u003ch4\\u003eKali Linux Machine\\u003c/h4\\u003e\\n\\u003cp\\u003eTo imitate real world cyber threats, a dedicated machine is configured with Kali Linux. This machine serves as the attacker collection, covering a suite of tools and experiences aimed at investigative vulnerabilities within the IoT network.\\u003c/p\\u003e\\n\\u003ch4\\u003eWireless Attack Simulation\\u003c/h4\\u003e\\n\\u003cp\\u003eThe two external wireless cards specifically the ASUS N13 adaptor the attacker machine is capable of simulating realistic wireless attacks. This structure enables the execution of diverse wireless exploits reflecting the probable threats posed by challengers with sophisticated capabilities.\\u003c/p\\u003e\\n\\u003ch4\\u003eAttack Simulations\\u003c/h4\\u003e\\n\\u003cp\\u003eSeveral attack scenarios are accurately simulated, incorporating unauthorized access attempts to IoT devices, man in the middle attacks targeting communication between IoT and edge devices, and manipulation attempts on vulnerabilities residing in IoT device firmware. These scenarios collectively stress test the robustness of the suggested security infrastructure.\\u003c/p\\u003e\\n\\u003ch3\\u003eUse Cases - Dynamic Access Control\\u003c/h3\\u003e\\n\\u003cp\\u003eThe experimentation lies in evaluating the effectiveness of AI driven ACLs. Through a series of scenarios the adaptability of these ACLs to different network situations and their awareness to dynamic changes in device behavior are carefully assessed.\\u003c/p\\u003e\\n\\u003ch3\\u003eIntrusion Detection and Response\\u003c/h3\\u003e\\n\\u003cp\\u003eThe ability of the Wazuh system to detect and respond to abnormal activities and security incidents is systematically calculated. This contains assessing the system\\u0026apos;s response time to security events and its overall efficacy in protection the IoT network.\\u003c/p\\u003e\\n\\u003cp\\u003eFigure 2 illustrates the sharing of various cyber threats identified by the Wazuh Intrusion Detection and Response (IDR) platform during the experimental phase. The following breakdown showcases the percentage distribution of specific attack categories:\\u003c/p\\u003e\\n\\u003col\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003ePassword Guessing (61%):\\u003c/strong\\u003e\\n \\u003cul\\u003e\\n \\u003cli\\u003eThe most established attack category is password guessing establishing a important 61% of the chart. This shows a significant focus on attempts to gain unauthorized access through efficient password trial and error experimental methods.\\u003c/li\\u003e\\n \\u003c/ul\\u003e\\n \\u003c/li\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eSSH Brute Forcing (27%):\\u003c/strong\\u003e\\n \\u003cul\\u003e\\n \\u003cli\\u003eSSH brute forcing represents a considerable portion, accounting for 27% of detected attacks. This suggests persistent efforts to compromise security by systematically attempting various authentication credentials for SSH (Secure Shell) access.\\u003c/li\\u003e\\n \\u003c/ul\\u003e\\n \\u003c/li\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eGeneric Brute Forcing (4%):\\u003c/strong\\u003e\\n \\u003cul\\u003e\\n \\u003cli\\u003eGeneric brute forcing, a wider form of password based attacks, contributes to 4% of the total. While moderately less frequent it still highlights the importance of defending against brute force attempts on various fronts.\\u003c/li\\u003e\\n \\u003c/ul\\u003e\\n \\u003c/li\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eFile Traversal (2%):\\u003c/strong\\u003e\\n \\u003cul\\u003e\\n \\u003cli\\u003eFile traversal attacks, where attackers attempt to access unauthorized directories and files, make up 2% of the chart. Although a smaller percentage, this indicates potential attempts to exploit vulnerabilities in file access controls.\\u003c/li\\u003e\\n \\u003c/ul\\u003e\\n \\u003c/li\\u003e\\n\\u003c/ol\\u003e\\n\\u003ch3\\u003eVisualization and Analysis\\u003c/h3\\u003e\\n\\u003cp\\u003eKibana, the logged security events are precisely analyzed. This comprises identifying patterns and gaining a comprehensive understanding of the security posture of the IoT network. The visual representation aids in extracting actionable intelligence.\\u003c/p\\u003e\\n\\u003cp\\u003eSystem Resilience\\u003c/p\\u003e\\n\\u003cp\\u003eThe system ability to withstand wireless attacks from the Kali Linux computer is tested. This includes assessing the network\\u0026apos;s resilience to complex wireless exploits and the firewall\\u0026apos;s ability to prevent unwanted wireless access. The results of integration checks performed on different files in the experimental environment are shown graphically in Fig. 3. The AI-ACLs that are activated under attack conditions are shown in Figure 4.\\u0026nbsp;\\u003c/p\\u003e\\n\\u003ch3\\u003eTrust Based Approach\\u003c/h3\\u003e\\n\\u003cp\\u003eThe trust based approach influence on security is methodically investigated. This involves examining the success rates of attacks against both trusted and untrusted devices providing valuable insights into the effectiveness of the proposed trust based paradigm. \\u0026nbsp;\\u003c/p\\u003e\\n\\u003cp\\u003eFig. 5 showcases the results of vulnerability assessments conducted as part of the current experimental use cases.\\u0026nbsp;\\u003c/p\\u003e\\n\\u003cp\\u003e\\u0026middot; \\u003cstrong\\u003eCritical\\u0026nbsp;Vulnerabilities (35%):\\u003c/strong\\u003e\\u003c/p\\u003e\\n\\u003cp\\u003eThe largest segment, constituting 35%, signifies vulnerabilities categorized as critical. These vulnerabilities pose a severe threat to the security infrastructure, potentially enabling attackers to compromise the integrity, confidentiality, or availability of the IoT devices.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u0026middot; \\u003cstrong\\u003eHigh\\u0026nbsp;Severity Vulnerabilities (25%):\\u003c/strong\\u003e\\u003c/p\\u003e\\n\\u003cp\\u003eA significant portion, accounting for 25%, represents vulnerabilities categorized as high severity. While not as critical as the highest level, these vulnerabilities still pose a substantial risk and require urgent attention and remediation.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u0026middot; \\u003cstrong\\u003eMedium\\u0026nbsp;Severity Vulnerabilities (20%):\\u003c/strong\\u003e\\u003c/p\\u003e\\n\\u003cp\\u003eThe chart allocates 20% to vulnerabilities categorized as medium severity. These vulnerabilities may have a notable impact on the security of the IoT network but might not pose an immediate and severe threat.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u0026middot; \\u003cstrong\\u003eLow\\u0026nbsp;Severity Vulnerabilities (15%):\\u003c/strong\\u003e\\u003c/p\\u003e\\n\\u003cp\\u003eA notable segment, representing 15%, denotes vulnerabilities classified as low severity. While these vulnerabilities may not present an immediate threat, addressing them is essential for maintaining a robust security posture over the long term.\\u003c/p\\u003e\\n\\u003cp\\u003eBased on the number of cases that were passed, failed, and marked as not applicable within the IoT network, Figure 6 gives a summary of the security assessment results.\\u003c/p\\u003e\\n\\u003cp\\u003e\\u003cstrong\\u003eKey Observations:\\u003c/strong\\u003e\\u003c/p\\u003e\\n\\u003col\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eCases Passed (77 in count)\\u003c/strong\\u003e\\u003cbr\\u003e\\u0026nbsp;Security assessment cases that have successfully passed scrutiny make up the largest portion of the chart, accounting for 45% of the total. These examples support a strong security posture and follow the defined security standards.\\u003c/li\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eCases Failed (110 in count)\\u003c/strong\\u003e\\u003cbr\\u003e\\u0026nbsp;A sizeable portion (45%) denotes security assessment cases that don\\u0026apos;t fit the predetermined security standards. In order to address the vulnerabilities or weaknesses found, these cases need to be addressed right away.\\u003c/li\\u003e\\n \\u003cli\\u003e\\u003cstrong\\u003eNot Applicable Cases (13 in count)\\u003c/strong\\u003e\\u003cbr\\u003e\\u0026nbsp;Ten percent of the cases in the chart are classified as non-applicable. This category might include situations in which particular security evaluations are thought to be superfluous or irrelevant for particular IoT network components.\\u003c/li\\u003e\\n\\u003c/ol\\u003e\"},{\"header\":\"V. CONCLUSION\",\"content\":\"\\u003cp\\u003eThe integration of AI-driven dynamic access management for IoT devices at the edge, particularly when done so through a trust based approach, is a critical step in improving the security and effectiveness of IoT ecosystems. This method uses artificial intelligence to dynamically modify access rules according to trust levels, thereby lowering potential security risks and unauthorized access. This is important given the quickly developing IoT ecosystem. By placing a strong focus on trust, a more sophisticated and contextually aware system is established, enabling adaptive decision-making that keeps up with the changing nature of interactions between devices. The suggested framework supports innovation and dependability in the implementation of edge computing solutions while strengthening the defence against cyber threats and laying the foundation for a more robust and reliable Internet of Things infrastructure as the digital world grows more interconnected.\\u0026nbsp;\\u003c/p\\u003e\"},{\"header\":\"Declarations\",\"content\":\"\\u003ch2\\u003eFunding\\u003c/h2\\u003e\\u003cp\\u003eThe current Research work does not received any funding.\\u003c/p\\u003e\\u003ch2\\u003eAuthor Contribution\\u003c/h2\\u003e\\u003cp\\u003eAuthor1: Dr. Saranya R, wrote the main ManuscriptAuthor1: Dr. Suresh G, Prepared the list of Tables and Figures\\u003c/p\\u003e\"},{\"header\":\"References\",\"content\":\"\\u003col\\u003e\\n \\u003cli\\u003ehttps://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/\\u003c/li\\u003e\\n \\u003cli\\u003eBao, F.; Chen, I.-R.; Guo, J. Scalable, adaptive and survivable trust management for community of interest based Internet of Things systems. In Proceedings of the 2013 IEEE Eleventh International Symposium on Autonomous Decentralized Systems (ISADS), Mexico City, Mexico, 6\\u0026ndash;8 March 2013; pp. 1\\u0026ndash;7.\\u003c/li\\u003e\\n \\u003cli\\u003eRenubala, S.; Dhanalakshmi, K.S. Trust based secure routing protocol using fuzzy logic in wireless sensor networks. In Proceedings of the 2014 IEEE International Conference on Computational Intelligence and Computing Research, Coimbatore, India, 18\\u0026ndash;20 December 2014; pp. 1\\u0026ndash;5.\\u003c/li\\u003e\\n \\u003cli\\u003eNitti, M.; Girau, R.; Atzori, L. Trustworthiness Management in the Social Internet of Things. IEEE Trans. Knowl. Data Eng. 2014, 26, 1253\\u0026ndash;1266.\\u0026nbsp; \\u0026nbsp; \\u0026nbsp; \\u0026nbsp; \\u0026nbsp;\\u0026nbsp;\\u003c/li\\u003e\\n \\u003cli\\u003eChe, S.; Feng, R.; Liang, X.; Wang, X. A lightweight trust management based on Bayesian and Entropy for wireless sensor networks. Secur. Commun. Netw. 2015, 8, 168\\u0026ndash;175.\\u003c/li\\u003e\\n \\u003cli\\u003eMendoza, C.V.L.; Kleinschmidt, J.H. Mitigating On-Off Attacks in the Internet of Things Using a Distributed Trust Management Scheme. Int. J. Distrib. Sens. Netw. 2015, 11, 859731.\\u003c/li\\u003e\\n \\u003cli\\u003eChen, I.-R.; Guo, J.; Bao, F. Trust Management for SOA-Based IoT and Its Application to Service Composition. IEEE Trans. Serv. Comput. 2016, 9, 482\\u0026ndash;495.\\u003c/li\\u003e\\n \\u003cli\\u003eRajesh, G.; Raajini, X.M.; Vinayagasundaram, B. Fuzzy trust-based aggregator sensor node election in internet of things. Int. J. Internet Protoc. Technol. 2016, 9, 151.\\u003c/li\\u003e\\n \\u003cli\\u003eAsiri, S.; Miri, A. An IoT trust and reputation model based on recommender systems. In Proceedings of the 2016 14th Annual Conference on Privacy, Security and Trust (PST), Auckland, New Zealand, 12\\u0026ndash;14 December 2016; pp. 561\\u0026ndash;568.\\u003c/li\\u003e\\n \\u003cli\\u003eAlshehri, M.D.; Hussain, F.K. A centralized trust management mechanism for the internet of things (ctm-iot). In International Conference on Broadband and Wireless Computing, Communication and Applications; Springer: New York, NY, USA, 2017.\\u003c/li\\u003e\\n \\u003cli\\u003eAlshehri, M.D.; Hussain, F.K.; Hussain, O.K. Clustering-driven intelligent trust management methodology for the internet of things (CITM-IoT). Mob. Netw. Appl. 2018, 23, 419\\u0026ndash;431.\\u003c/li\\u003e\\n \\u003cli\\u003eJayasinghe, U.; Lee, G.M.; Um, T.-W.; Shi, Q. Machine Learning Based Trust Computational Model for IoT Services. IEEE Trans. Sustain. Comput. 2019, 4, 39\\u0026ndash;52.\\u003c/li\\u003e\\n \\u003cli\\u003eAlshehri, M.D.; Hussain, F.K. A fuzzy security protocol for trust management in the internet of things (Fuzzy-IoT). Computing 2019, 101, 791\\u0026ndash;818.\\u003c/li\\u003e\\n \\u003cli\\u003eKhalil, A.; Mbarek, N.; Togni, O. Fuzzy Logic Based Security Trust Evaluation for IoT Environments. In Proceedings of the 2019 IEEE/ACS 16th International Conference on Computer Systems and Applications (AICCSA), Abu Dhabi, United Arab Emirates, 3\\u0026ndash;7 November 2019; pp. 1\\u0026ndash;8.\\u003c/li\\u003e\\n \\u003cli\\u003eMasmoudi, M.; Abdelghani, W.; Amous, I.; S\\u0026egrave;des, F. Deep Learning for Trust-Related Attacks Detection in Social Internet of Things. In Evolutionary Computing and Mobile Sustainable Networks; Springer: Singapore, 2020; pp. 389\\u0026ndash;404.\\u003c/li\\u003e\\n \\u003cli\\u003eWang, B.; Li, M.; Jin, X.; Guo, C. A Reliable IoT Edge Computing Trust Management Mechanism for Smart Cities. IEEE Access 2020, 8, 46373\\u0026ndash;46399.\\u003c/li\\u003e\\n \\u003cli\\u003eHankare, P.; Babar, S.; Mahalle, P. Trust Management Approach for Detection of Malicious Devices in SIoT. Teh. Glas. 2021, 15, 43\\u0026ndash;50.\\u003c/li\\u003e\\n \\u003cli\\u003eDevi Priya, Sibi Chakkaravarthy Sethuraman, Muhammad Khurram Khan, \\u0026ldquo;Container Security: Precaution levels, Mitigation Strategies, and Research Perspectives\\u0026quot;, Computers \\u0026amp; Security, Elsevier, vol. 135, 103490, 2023.\\u003c/li\\u003e\\n \\u003cli\\u003eBa-Hutair, M.N.; Bouguettaya, A.; Neiat, A.G. Multi-Perspective Trust Management Framework for Crowdsourced IoT Services. IEEE Trans. Serv. Comput. 2021, 1.\\u003c/li\\u003e\\n \\u003cli\\u003eLingda, K.; Feng, Z.; Yingjie, Z.; Nan, Q.; Dashuai, L.; Shaotang, C. Evaluation method of trust degree of distribution IoT terminal equipment based on information entropy. J. Phys. Conf. Ser. 2021, 1754, 012108.\\u003c/li\\u003e\\n \\u003cli\\u003eZheng, G.; Gong, B.; Zhang, Y. Dynamic Network Security Mechanism Based on Trust Management in Wireless Sensor Networks. Wirel. Commun. Mob. Comput. 2021, 2021, 6667100.\\u003c/li\\u003e\\n \\u003cli\\u003eGopinath M, Sibi Chakkaravarthy Sethuraman, \\u0026ldquo;A comprehensive survey on deep learning based malware detection techniques\\u0026rdquo;, Computer Science Review, Vol. 47, February 2023, Elsevier.\\u003c/li\\u003e\\n \\u003cli\\u003eSengupta, J., Goswami, A., Roy, S., \\u0026amp; Das, S. K. (2019). Access control mechanisms for IoT devices: A survey. In 2019 5th International Conference on Information Systems Architecture and Technology (ISAT) (pp. 1-7). IEEE.\\u003c/li\\u003e\\n \\u003cli\\u003eChen, R., Xu, H., Li, W., \\u0026amp; Jin, H. (2020). A survey of access control models for the internet of things. IEEE Access, 8, 93405-93423.\\u003c/li\\u003e\\n \\u003cli\\u003eWang, L., Xu, J., Yang, Y., \\u0026amp; Wang, F. (2022). Challenges and opportunities of access control in edge computing for the internet of things. IEEE Internet of Things Magazine, 5(5), 39-47.\\u003c/li\\u003e\\n \\u003cli\\u003eAmini, M. H., Farzanehfar, A., \\u0026amp; Dehkordi, M. K. (2023). Machine learning-based access control mechanisms for internet.\\u003c/li\\u003e\\n \\u003cli\\u003eDevi Priya V S, Sibi Chakkaravarthy Sethuraman, \\u0026ldquo;Containerized cloud-based honeypot deception for tracking attackers\\u0026rdquo;, Scientific Reports, Nature, 2023.\\u003c/li\\u003e\\n \\u003cli\\u003eSibi Chakkaravarthy Sethuraman, Aditya Mitra, Kuan-Ching Li, Anisha Ghosh, M Gopinath, Nitin Sukhija, \\u0026quot;Loki: A Physical Security Key Compatible IoT Based Lock for Protecting Physical Assets\\u0026quot;, Vol. 10, Pages. 112721-112730, IEEE Access, 2023.\\u003c/li\\u003e\\n\\u003c/ol\\u003e\"}],\"fulltextSource\":\"\",\"fullText\":\"\",\"funders\":[],\"hasAdminPriorityOnWorkflow\":false,\"hasManuscriptDocX\":true,\"hasOptedInToPreprint\":true,\"hasPassedJournalQc\":\"\",\"hasAnyPriority\":false,\"hideJournal\":true,\"highlight\":\"\",\"institution\":\"\",\"isAcceptedByJournal\":false,\"isAuthorSuppliedPdf\":false,\"isDeskRejected\":\"\",\"isHiddenFromSearch\":false,\"isInQc\":false,\"isInWorkflow\":false,\"isPdf\":false,\"isPdfUpToDate\":true,\"isWithdrawnOrRetracted\":false,\"journal\":{\"display\":true,\"email\":\"info@researchsquare.com\",\"identity\":\"researchsquare\",\"isNatureJournal\":false,\"hasQc\":true,\"allowDirectSubmit\":true,\"externalIdentity\":\"\",\"sideBox\":\"\",\"snPcode\":\"\",\"submissionUrl\":\"/submission\",\"title\":\"Research Square\",\"twitterHandle\":\"researchsquare\",\"acdcEnabled\":true,\"dfaEnabled\":false,\"editorialSystem\":\"\",\"reportingPortfolio\":\"\",\"inReviewEnabled\":false,\"inReviewRevisionsEnabled\":true},\"keywords\":\"IoT, Artificial Intelligence, Trust based ACL, ACLs\",\"lastPublishedDoi\":\"10.21203/rs.3.rs-6757754/v1\",\"lastPublishedDoiUrl\":\"https://doi.org/10.21203/rs.3.rs-6757754/v1\",\"license\":{\"name\":\"CC BY 4.0\",\"url\":\"https://creativecommons.org/licenses/by/4.0/\"},\"manuscriptAbstract\":\"\\u003cp\\u003eThe challenge of Internet of Things data management has grown considerably since recent times which make its security establishment especially problematic. The complex nature of IoT data security occurs because IoT environments feature diverse dynamic elements. The solution of these security challenges necessitates using sophisticated machine learning along with deep learning algorithms. Part of delivering IoT security consists of giving the correct authorization to devices that meet specified requirements. The proposed work presents a trust based dynamic access control protocol for IoT devices at the edge which uses AI-driven algorithms for operation. The system can monitor device conduct over time and current analysis to determine trust levels which then allows it to modify access permissions automatically for security improvement. Research performs an analysis of the proposed methodology to verify its ability to prevent unauthorized system entry while safeguarding data integrity in IoT networks. Several tests ran in an IoT emulation platform simulated different attack sequences that included invasive access attempts and device intrusions. The experimental testing showed that attack detection reliability increased substantially through the replacement of traditional static access control approaches. Under the trust based model attackers had better detection results because it proved more efficient at differentiating between both legitimate and malicious activities than traditional controls.\\u003c/p\\u003e\",\"manuscriptTitle\":\"AI-Driven Dynamic Access Control for IoT Devices at the Edge: A Trust-based Approach\",\"msid\":\"\",\"msnumber\":\"\",\"nonDraftVersions\":[{\"code\":1,\"date\":\"2025-08-25 11:19:10\",\"doi\":\"10.21203/rs.3.rs-6757754/v1\",\"editorialEvents\":[{\"type\":\"communityComments\",\"content\":0}],\"status\":\"published\",\"journal\":{\"display\":true,\"email\":\"info@researchsquare.com\",\"identity\":\"researchsquare\",\"isNatureJournal\":false,\"hasQc\":true,\"allowDirectSubmit\":true,\"externalIdentity\":\"\",\"sideBox\":\"\",\"snPcode\":\"\",\"submissionUrl\":\"/submission\",\"title\":\"Research Square\",\"twitterHandle\":\"researchsquare\",\"acdcEnabled\":true,\"dfaEnabled\":false,\"editorialSystem\":\"\",\"reportingPortfolio\":\"\",\"inReviewEnabled\":false,\"inReviewRevisionsEnabled\":true}}],\"origin\":\"\",\"ownerIdentity\":\"48e8b7b2-b43b-493b-8dd8-eba0c5a45ab7\",\"owner\":[],\"postedDate\":\"August 25th, 2025\",\"published\":true,\"recentEditorialEvents\":[],\"rejectedJournal\":[],\"revision\":\"\",\"amendment\":\"\",\"status\":\"posted\",\"subjectAreas\":[],\"tags\":[],\"updatedAt\":\"2025-09-28T10:23:31+00:00\",\"versionOfRecord\":[],\"versionCreatedAt\":\"2025-08-25 11:19:10\",\"video\":\"\",\"vorDoi\":\"\",\"vorDoiUrl\":\"\",\"workflowStages\":[]},\"version\":\"v1\",\"identity\":\"rs-6757754\",\"journalConfig\":\"researchsquare\"},\"__N_SSP\":true},\"page\":\"/article/[identity]/[[...version]]\",\"query\":{\"redirect\":\"/article/rs-6757754\",\"identity\":\"rs-6757754\",\"version\":[\"v1\"]},\"buildId\":\"8U1c8b4HqxoKbykW_rLl7\",\"isFallback\":false,\"isExperimentalCompile\":false,\"dynamicIds\":[84888],\"gssp\":true,\"scriptLoader\":[]}","source_license":"CC-BY-4.0","license_restricted":false}