Adaptive Analysis of Machine Learning-Based Zero Trust Architecture (ZTA) for Intrusion Detection on IoT Networks in Critical Infrastructure
DOI:
https://doi.org/10.31004/riggs.v3i4.460
Keywords:
Zero Trust Architecture, Adaptive Learning, IoT Security, Intrusion Detection, Behavioral Profiling
Abstract
The growing complexity and interconnectedness of the Internet of Things (IoT) ecosystem has created new network security challenges, in which traditional architectures are no longer adequate to face dynamic, contextual threats. This study aims to develop and test an adaptive security approach that integrates Zero Trust Architecture (ZTA) with adaptive machine learning algorithms to detect and respond to intrusions contextually in IoT environments. Using an experimental design with a hybrid simulation method, the study combines data from a simulated environment with realistic datasets engineered to reflect real threat patterns. Data were collected through direct observation of the system and evaluated using a multi-metric performance analysis covering accuracy, precision, recall, and false positive rate. The test results show that the developed system is able to increase detection accuracy up to 95.7% with a false positive rate of 3.1%, exceeding the performance of static detection-based approaches. Another significant finding is the successful implementation of a dynamic ZTA model based on micro-segmentation and behavior profiling that can adapt to changes in communication patterns and user activity in IoT networks. The performance evaluation also shows that the multi-metric approach provides a more comprehensive understanding of the security system's performance in real time. This study makes a conceptual contribution to the development of adaptive security architectures based on zero trust and machine learning that are relevant to contemporary network security. In addition, the approach opens room for further exploration of its application in 5G systems and edge computing, as well as reinforcement with blockchain technology to support verification and authentication within the ZTA framework.
These findings are expected to serve as a reference for developing more resilient, contextual, and measurable cybersecurity solutions in the future.
License
Copyright (c) 2025 R Wahyudi Darmawan, Irawan, Septa Petriansyah

This work is licensed under a Creative Commons Attribution 4.0 International License.


















