Machine Learning for Risk-Based Authentication: PES-Guided Model Selection in Zero Trust Environments
Students & Supervisors
Student Authors
Supervisors
Abstract
"Zero Trust Security frameworks are increasingly implementing Risk-Based Authentication (RBA) to observe and evaluate login attempts continuously to reduce risk of account takeover. Additionally, while previous research has largely focused on evaluation measures of accuracy (e.g., ROC-AUC, F1-score), the need for efficiency, scalability, and ease of use are equally important to consider when deploying models in practice. This paper describes the comprehensive benchmarking of classical, tree-based, unsupervised, and ensemble machine learning models for RBA, leveraging a newly available dataset containing over 33M authentication events. In this work, in addition to commonly used evaluation measures, we also introduced the Performance–Efficiency Score (PES), a novel composite measure that measures not only predictive accuracy, but recall, ROC-AUC, inference latency, and model size. In our experiments, stacking and hybrid ensembles achieved the best recall, thereby maximizing detection of attacks in high-security use-cases. However, we found XGBoost provided the best trade-off with regard to detection ability and computational efficiency. Our work highlights that technical choices of security, usability, and efficiency need to be weighed and balanced when enforcing Zero Trust security policy. Moreover, the PES framework offers a comprehensive approach to describe and consider deployable models that are both accurate and efficient."
Keywords
Publication Details
- Type of Publication:
- Conference Name: 28th International Conference on Computer and Information Technology (ICCIT)
- Date of Conference: 19/12/2025 - 19/12/2025
- Venue: Long Beach Hotel, Cox's Bazar, Bangladesh
- Organizer: IEEE Bangladesh Section