US 12,132,730 B2
Behavior driven security for IoT devices
Pierpaolo Tommasi, Dublin (IE); Elizabeth Daly, Dublin (IE); and Martin Stephenson, Ballynacargy (IE)
Assigned to International Business Machines Corporation, Armonk, NY (US)
Filed by INTERNATIONAL BUSINESS MACHINES CORPORATION, Armonk, NY (US)
Filed on Mar. 24, 2022, as Appl. No. 17/656,327.
Prior Publication US 2023/0308438 A1, Sep. 28, 2023
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/0876 (2013.01) 20 Claims
OG exemplary drawing
 
1. A computer-implemented method, comprising:
detecting an action from a set of Internet of Things (IoT) devices;
identifying a context for the action and at least one IoT device of the set of IoT devices;
validating the action and the context for the at least one IoT device;
based on the validating the action and the context, identifying the action as an anomaly;
identifying a potential state change for the at least one IoT device based on the anomaly;
determining whether an allowed tag for the anomaly exists, wherein the allowed tag is based on a usage history of the at least one IoT device and a notification response history for the at least one IoT device; and
determining a responsive action based on the potential state change, existence of the allowed tag, and the anomaly.