A Multi-Phase Behavioural Attribute Based Zero Trust Authentication Model with Simulation Using Replica Controlled Secured Distributed Networks
Modisaotsile MaropeResearch Scholar, School of Pure and Applied Sciences, Botswana International University of Science and Technology modisaotsile.marope@studentmail.biust.ac.bw0009-0009-2956-1956
Venumadhav KuthadiAssociate Professor, Department of Computing and Informatics, School of Pure and Applied Sciences, Botswana International University of Science and Technology kuthadiv@biust.ac.bw0000-0003-4515-1921
Rajalakshmi SelvarajAssociate Professor, Department of Computing and Informatics, School of Pure and Applied Sciences, Botswana International University of Science and Technology selvarajr@biust.ac.bw0000-0002-7059-1702
Thabo SemongSenior lecturer, Department of Computing and Informatics, School of Pure and Applied Sciences, Botswana International University of Science and Technology semongt@biust.ac.bw0000-0002-9370-196X
Tshiamo SigweleLecturer, Department of Computing and Informatics, School of Pure and Applied Sciences, Botswana International University of Science and Technology sigwelet@biust.ac.bw0000-0001-7492-8053
This Paper presents a multi-stage replica-based anomaly detection model specifically for distributed systems. The proposed model, Multi-Phase Behavioural Attribute based Zero Trust Authentication Model (MBAZTA), observes system behaviour in three well-defined stages with multiple attributes in each stage and employs five standalone replicas to assess incoming behavioural patterns. Deviations at stage-wise levels are identified as anomalies, and the same is validated using a consensus mechanism among replicas. Every replica has its own baseline, and decisions about access are taken based on the number of conforming nodes, implementing a risk-based control. A simulation test with 1000 instances of behaviour was used to test the effectiveness of the model. With a minimum of false negatives and zero false positives, the results revealed a detection rate of 99.7 %. Under different conditions the system's performance stayed constant, preserving low latency and effective bandwidth consumption. This shows that in real-time circumstances the suggested method can consistently and scalable spot anomalies.