JoWUA

Abstract

This Paper presents a multi-stage replica-based anomaly detection model specifically for distributed systems. The proposed model, Multi-Phase Behavioural Attribute based Zero Trust Authentication Model (MBAZTA), observes system behaviour in three well-defined stages with multiple attributes in each stage and employs five standalone replicas to assess incoming behavioural patterns. Deviations at stage-wise levels are identified as anomalies, and the same is validated using a consensus mechanism among replicas. Every replica has its own baseline, and decisions about access are taken based on the number of conforming nodes, implementing a risk-based control. A simulation test with 1000 instances of behaviour was used to test the effectiveness of the model. With a minimum of false negatives and zero false positives, the results revealed a detection rate of 99.7 %. Under different conditions the system's performance stayed constant, preserving low latency and effective bandwidth consumption. This shows that in real-time circumstances the suggested method can consistently and scalable spot anomalies.