Behavioral Analysis Zero-Trust Architecture Relying on Adaptive Multifactor and Threat Determination

• Chit-Jie Chew,
• Po-Yao Wang,
• Jung-San Lee,

Vol. 17, No. 9, September 30, 2023
10.3837/tiis.2023.09.012, Download Paper (Free):

• Zero-trust
• Cyber Threat
• Machine Learning
• behavior analysis
• authentication

Abstract

For effectively lowering down the risk of cyber threating, the zero-trust architecture (ZTA) has been gradually deployed to the fields of smart city, Internet of Things, and cloud computing. The main concept of ZTA is to maintain a distrustful attitude towards all devices, identities, and communication requests, which only offering the minimum access and validity. Unfortunately, adopting the most secure and complex multifactor authentication has brought enterprise and employee a troublesome and unfriendly burden. Thus, authors aim to incorporate machine learning technology to build an employee behavior analysis ZTA. The new framework is characterized by the ability of adjusting the difficulty of identity verification through the user behavioral patterns and the risk degree of the resource. In particular, three key factors, including one-time password, face feature, and authorization code, have been applied to design the adaptive multifactor continuous authentication system. Simulations have demonstrated that the new work can eliminate the necessity of maintaining a heavy authentication and ensure an employee-friendly experience.

Statistics

Cite this article