The Internet of Things (IoT) networks are getting bigger and bigger. In most cases, all IT assets are connected to the network and various resources and services are provisioned proactively as needed. To achieve this, many smart objects are being developed in the field of intelligent devices. However, most of these objects can only enable their smart functionalities only after the user starts interacting with the object, which leads to an absence of intelligence between things. Bridging the gap between these entities to improve network productivity and improve network security is a challenge. Because the logs generated by IoT devices are vast and diverse, it is difficult to detect and defend against cyber-attacks with existing network security technologies. Existing cyber-attack detection systems cannot detect new attacks because they defend by defining known attack patterns as rules. This paper presents relations and security control in inference system to infer with which object a person wishes to interact by observing his behavior. Security control for services in this paper is important, and specialized. To achieve this goal, this inference problem is resolved into a problem of distinguishing, for each object, whether the IoT device has the intention to interact with it. It analyzes human behavior and detects whether there is a cyber-attack intention. Subsequently, for every object, a set of human-device relations, including Relative Distance, Relative Angle, Movement Speed, Approach Efficiency and Movement Efficiency, is extracted from the person's behavior. These relationships are used to determine whether a person wants to interact with a particular object using a Support Vector Machine (SVM) classifier. And new mechanisms are needed to shrink massive raw logs and detect new attack patterns. Thus, this paper suggests a method for securing a huge network supporting IoT services. The proposed inference systems detect unusual network patterns by calculating correlations between events based on graphs and network measurements. We model ensemble of events based on log graphs interconnected between network devices and IoT gateways. We implement and evaluate an algorithm that detects new attack patterns by estimating the attack probability by clustering the event ensemble in real time. Finally, for the effectiveness of the proposed relations, the experimental application of a real dataset is evaluated, with encouraging results. Using the proposed human-object relations, it is possible to sense users' interaction intentions in advance and thus to proactively provide user-adaptive services based on safety.