
A Novel Zero-Touch, Zero-Trust, AI/ML Enablement Framework for IoT Network Security

Sushil Shakya, Robert Abbas, Sasa Maric

TL;DR

This work addresses the problem of securing IoT ecosystems in 5G/6G environments against DDoS attacks by proposing an integrated framework that combines Zero-Touch provisioning, Zero-Trust security, and AI/ML-driven threat detection. The approach is evaluated using a labeled IoT traffic dataset across five ML models, with XGBoost delivering the best performance (e.g., $AUC=0.9997$ and $Accuracy=99.82\%$). Key contributions include a concrete architecture that automates device onboarding, enforces continuous authentication, and enables real-time anomaly detection with automated responses such as traffic blackholing. The proposed framework offers proactive, scalable security for next-generation IoT networks, with demonstrated high detection accuracy and potential for use in 5G/6G deployments to mitigate evolving DDoS and related threats.

Abstract

The IoT facilitates a connected, intelligent, and sustainable society; therefore, it is imperative to protect the IoT ecosystem. IoT-based 5G and 6G networks will make greater use of machine learning and artificial intelligence (ML/AI) to pave the way for autonomous and collaborative secure IoT networks. Zero-touch, zero-trust IoT security with AI and machine learning (ML) enablement frameworks offers a powerful approach to securing the expanding landscape of Internet of Things (IoT) devices. This paper presents a novel framework that integrates Zero Trust, Zero Touch, and AI/ML for the detection, mitigation, and prevention of DDoS attacks in modern IoT ecosystems. The focus is on the new integrated framework, which establishes zero trust for all IoT traffic, fixed and mobile 5G/6G IoT network traffic, and data security (quarantine-zero touch and dynamic policy enforcement). We perform a comparative analysis of five machine learning models, namely XGBoost, Random Forest, K-Nearest Neighbors, Stochastic Gradient Descent, and Naive Bayes, based on accuracy, precision, recall, F1-score, and ROC-AUC. Results show that the best performance in detecting and mitigating different DDoS vectors comes from the ensemble-based approaches.

Paper Structure

This paper contains 28 sections, 5 equations, 11 figures, 1 table.

Figures (11)

  • Figure 1: Comparison of Machine Learning Models
  • Figure 2: Metrics used for model evaluation
  • Figure 3: Operational Workflow
  • Figure 5: Proposed IoT Zero Trust-Zero Touch Framework System Design
  • Figure 6: Comparison of Models Performance
  • ...and 6 more figures