CFP last date
20 August 2025
Call for Paper
September Edition
IJCA solicits high quality original research papers for the upcoming September edition of the journal. The last date of research paper submission is 20 August 2025

Submit your paper
Know more
The week's pick
Responsive image
Assessing LLMs as Cognitive Interpreters of Student Prompts: A Typological Framework

Tadeu da Ponte Matevz Vremec Matej Mertik
Random Articles
Reseach Article

AI-Powered Zero Trust Access Evaluation using Behavioral Fingerprinting

by Hritesh Yadav, Ganapathy Subramanian Ramachandran, Kshitij Sharma
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 187 - Number 16
Year of Publication: 2025
Authors: Hritesh Yadav, Ganapathy Subramanian Ramachandran, Kshitij Sharma
10.5120/ijca2025925193

Hritesh Yadav, Ganapathy Subramanian Ramachandran, Kshitij Sharma . AI-Powered Zero Trust Access Evaluation using Behavioral Fingerprinting. International Journal of Computer Applications. 187, 16 ( Jun 2025), 19-22. DOI=10.5120/ijca2025925193

@article{ 10.5120/ijca2025925193,
author = { Hritesh Yadav, Ganapathy Subramanian Ramachandran, Kshitij Sharma },
title = { AI-Powered Zero Trust Access Evaluation using Behavioral Fingerprinting },
journal = { International Journal of Computer Applications },
issue_date = { Jun 2025 },
volume = { 187 },
number = { 16 },
month = { Jun },
year = { 2025 },
issn = { 0975-8887 },
pages = { 19-22 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume187/number16/ai-powered-zero-trust-access-evaluation-using-behavioral-fingerprinting/ },
doi = { 10.5120/ijca2025925193 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2025-06-30T23:52:09.362942+05:30
%A Hritesh Yadav
%A Ganapathy Subramanian Ramachandran
%A Kshitij Sharma
%T AI-Powered Zero Trust Access Evaluation using Behavioral Fingerprinting
%J International Journal of Computer Applications
%@ 0975-8887
%V 187
%N 16
%P 19-22
%D 2025
%I Foundation of Computer Science (FCS), NY, USA
Abstract

In today’s cybersecurity landscape, the traditional perimeter-based defense model has become obsolete, giving rise to the Zero Trust Architecture (ZTA), where no entity—whether internal or external—is automatically trusted. While ZTA provides a robust security posture, its effectiveness heavily depends on accurate and context-aware access evaluation. Conventional authentication techniques, such as static credentials and multi-factor authentication (MFA), are often insufficient to detect subtle identity compromise or insider threats. This paper introduces a novel framework that leverages Artificial Intelligence (AI) and behavioral fingerprinting to enable continuous and adaptive access evaluation within a Zero Trust environment. Behavioral fingerprinting, which includes unique user-specific patterns such as keystroke dynamics, mouse movement patterns, application access sequences, and response times, is used to construct a dynamic trust profile for each user. Our system continuously collects telemetry data, extracts behavioral features, and uses supervised and unsupervised learning models to assess risk in real-time. By combining these insights with contextual parameters (such as geolocation, device hygiene, and network indicators), our AI engine computes a Behavioral Trust Score (BTS) to grant, deny, or conditionally allow access. The results from our prototype demonstrate a significant improvement in detecting anomalous behavior compared to traditional rule-based systems, with a notable reduction in false positives and latency. Our contributions aim to enhance the granularity and responsiveness of Zero Trust security models while maintaining user transparency and compliance.

References
  1. Stafford, V. "Zero trust architecture." NIST special publication 800.207 (2020): 800-207.
  2. Ferraiolo, David F., et al. "Proposed NIST standard for role-based access control." ACM Transactions on Information and System Security (TISSEC) 4.3 (2001): 224-274.
  3. Google, “BeyondCorp: A New Approach to Enterprise Security,” Google White Paper, 2014. [Online]. Available: https://cloud.google.com/beyondcorp
  4. Ward, Rory, and Betsy Beyer. "Beyondcorp: A new approach to enterprise security." ; login:: the magazine of USENIX & SAGE 39.6 (2014): 6-11.
  5. Das, Sanchari, Andrew Dingman, and L. Jean Camp. "Why Johnny doesn’t use two factor a two-phase usability study of the FIDO U2F security key." Financial Cryptography and Data Security: 22nd International Conference, FC 2018, Nieuwpoort, Curaçao, February 26–March 2, 2018, Revised Selected Papers 22. Springer Berlin Heidelberg, 2018.
  6. Ahmed, Ahmed A., and Issa Traore. "Biometric recognition based on free-text keystroke dynamics." IEEE transactions on cybernetics 44.4 (2013): 458-472.
  7. Kamezaki, Yuto, and Kazutaka Matsuzaki. "User Identification Based on Mouse Behavior--Enhancing Accuracy with Velocity Features and Evaluating Practicality." IEICE Technical Report; IEICE Tech. Rep.
  8. Khanan, Akbar, et al. "From bytes to insights: a systematic literature review on unraveling IDS datasets for enhanced cybersecurity understanding." IEEE Access (2024).
  9. Gadde, Hemanth. "AI-Driven Anomaly Detection in NoSQL Databases for Enhanced Security." International Journal of Machine Learning Research in Cybersecurity and Artificial Intelligence 14.1 (2023): 497-522.
  10. Sandhu, Ravi S. "Role-based access control." Advances in computers. Vol. 46. Elsevier, 1998. 237-286.
  11. Jazzar, Mahmoud, and Aman Jantan. "A novel soft computing inference engine model for intrusion detection." IJCSNS International Journal of Computer Science and Network Security 8.4 (2008): 1-9.
  12. Mahoney, Matthew V., and Philip K. Chan. "An analysis of the 1999 DARPA/Lincoln Laboratory evaluation data for network anomaly detection." International Workshop on Recent Advances in Intrusion Detection. Berlin, Heidelberg: Springer Berlin Heidelberg, 2003.
  13. Liang, Yunji, et al. "Behavioral biometrics for continuous authentication in the internet-of-things era: An artificial intelligence perspective." IEEE Internet of Things Journal 7.9 (2020): 9128-9143.
  14. Nasir, Rida, et al. "Behavioral based insider threat detection using deep learning." IEEE Access 9 (2021): 143266-143274.
  15. Bereziński, Przemysław, Bartosz Jasiul, and Marcin Szpyrka. "An entropy-based network anomaly detection method." Entropy 17.4 (2015): 2367-2408.
  16. Abuhamad, Mohammed, et al. "Sensor-based continuous authentication of smartphones’ users using behavioral biometrics: A contemporary survey." IEEE Internet of Things Journal 8.1 (2020): 65-84.
  17. Lundberg, Scott M., and Su-In Lee. "A unified approach to interpreting model predictions." Advances in neural information processing systems 30 (2017).
  18. MacDonald, Neil, Lawrence Orans, and Joe Skorupa. "The Future of Network Security Is in the Cloud." Gartner. Viitattu 1 (2019): 2021.
  19. Yang, Qiang, et al. "Federated machine learning: Concept and applications." ACM Transactions on Intelligent Systems and Technology (TIST) 10.2 (2019): 1-19.
  20. Killourhy, Kevin S., and Roy A. Maxion. "Comparing anomaly-detection algorithms for keystroke dynamics." 2009 IEEE/IFIP international conference on dependable systems & networks. IEEE, 2009.
Index Terms

Computer Science
Information Sciences

Keywords

Zero Trust Architecture Behavioral Fingerprinting Adaptive Access Control Behavioral Trust Score User Behavior Analytics Insider Threat Detection Continuous Authentication Federated Learning AI in Cybersecurity

Powered by PhDFocusTM