The growth of Internet of Things (IoT) faces the growing concern of cyber-attacks toward IoT. Unfortunately, the constrained resources of IoT devices and their networks make many traditional attack detection methods less effective or even not applicable. In this paper, we present a framework for a smart home environment that considers the unique properties of IoT networks. This framework utilizes a two-mode adaptive security model to enable users to balance performance, security, and overhead. We show the efficacy of our framework in two case studies that address two types of attacks in the smart home environment: sinkhole attack and distributed denial-of-service (DDoS) attack. We examine two existing intrusion detection and prevention systems and transform both of them into new, improved systems using our framework. Our evaluations show that our framework is not only friendly to resource-constrained devices, but can also successfully detect and prevent the two types of attacks, with a significantly lower overhead and detection latency than the existing systems.