The Internet of Things (IoT) plays an important role in many cyber-physical systems in numerous industries today. Security issues could be a critical concern because of some vulnerable characteristics of the IoT, such as its weak access control, 24/7 operation, and lack of anti-malware tools. However, it is not easy to implement security in the IoT because of the lightweight design of IoT devices, which inhibit an authentication function. This paper proposes a security method for IoT authentication and monitoring, with no need for the modification of IoT devices. The proposed scheme could facilitate system administrators' monitoring and use control of the IoT and identify threat sources in IoT environments.