Behavior-Aware Cybersecurity: Integrating Trust Scores with Least Privilege via Game Theory

Bala Shanmukha Sowmya Javvadhi, Manas Kumar Yogi

doi:https://doi.org/10.59232/CYS-V3I2P102

Research Article | Open Access | Download Full Text

Volume 3 | Issue 2 | Year 2025 | Article Id: CYS-V3I2P102 DOI: https://doi.org/10.59232/CYS-V3I2P102

Behavior-Aware Cybersecurity: Integrating Trust Scores with Least Privilege via Game Theory

Bala Shanmukha Sowmya Javvadhi, Manas Kumar Yogi

Received	Revised	Accepted	Published
05 Mar 2025	06 Apr 2025	04 May 2025	30 May 2025

Citation

Bala Shanmukha Sowmya Javvadhi, Manas Kumar Yogi. “Behavior-Aware Cybersecurity: Integrating Trust Scores with Least Privilege via Game Theory.” DS Journal of Cyber Security, vol. 3, no. 2, pp. 16-32, 2025.

Abstract

Dynamic computing environments question the validity of classical security institutions, especially the Principle of Least Privilege (PoLP), where predefined roles and behavior patterns are expected. These constraints prevent the system from customizing access rights per user context or dynamic trustworthiness, which usually leads to over-privileged or under-privileged access. In order to curtail this, a behavior-aware hybrid model that combines Game Theory with PoLP is introduced to allow for adaptive access control based on strategic play. The framework can make fine-grained privilege adjustments in real-time by modelling the user-system interactions as a repeated game and the dynamic assignment of trust scores based on observed behavior. Our method motivates compliant actions while discouraging harmful ones using thoughtful access reconfiguration. Some of the significant contributions are developing a trust score mechanism associated with privilege management, designing a game-theoretic engine to review user actions, and combining behavioral analytics with role-based controls. This model compromises between security and usability, providing scalable, context-aware solutions to rigid access policies. The proposed system can help push the boundaries of cyber security and pave the way for proactive, trust-aware access decisions that are especially critical in decentralized, cloud-based, and zero-trust architectures. These results provide new avenues for creating an intelligent and responsive security system consistent with the user intent and the system's integrity.

Keywords

Access controls, Cybersecurity, Game theory, Trust management, User behavior.

References

[1] Michael Fojude, “Insider Threat Agent: A Behavioral Based Zero Trust Access Control Using Machine Learning Agent,” Master Thesis, Georgia Southern University, 2025.

[Google Scholar] [Publisher Link]

[2] Qaiser Razi et al., “Enhancing Data Privacy: A Comprehensive Survey of Privacy-Enabling Technologies,” IEEE Access, vol. 13, pp. 40354-40385, 2025.

[CrossRef] [Google Scholar] [Publisher Link]

[3] Yujie Hong et al., “OCHJRNCHAIN: A Blockchain-Based Security Data Sharing Framework for Online Car-Hailing Journey,” IEEE Transactions on Intelligent Transportation Systems, vol. 25, no. 6, pp. 5299-5311, 2023.

[CrossRef] [Google Scholar] [Publisher Link]

[4] Zia Muhammad et al., “Smartphone Security and Privacy: A Survey on Apts, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses,” Technologies, vol. 11, no. 3, pp. 1-50, 2023.

[CrossRef] [Google Scholar] [Publisher Link]

[5] Sushil Jajodia, and Jianying Zhou, “Security and Privacy in Communication Networks,” 6^th International ICST Conference, SecureComm 2010, Singapore, 2010.

[CrossRef] [Google Scholar] [Publisher Link]

[6] Jiang Zhu, “Mobile Behaviometrics: Behavior Modeling from Heterogeneous Sensor Time-Series Doctoral Dissertation,” Carnegie Mellon University, USA, 2014.

[Google Scholar] [Publisher Link]

[7] Pooja Chaudhary, B.B. Gupta, and A.K. Singh, “Adaptive Cross-Site Scripting Attack Detection Framework for Smart Devices Security using Intelligent Filters and Attack Ontology,” Soft Computing, vol. 27, no. 8, pp. 4593-4608, 2023.

[CrossRef] [Google Scholar] [Publisher Link]

[8] Sanonda Gupta, and Sepideh Ghanavati, “Privacy in the Internet of Things: Where do We Stand? A Systematic Literature Review,” Authorea Preprints, 2022.

[CrossRef] [Google Scholar] [Publisher Link]

[9] Bingqiao Luo et al., “Ai-Powered Fraud Detection in Decentralized Finance: a Project Life Cycle Perspective,” ACM Computing Surveys, vol. 57, no. 4, pp. 1-38, 2024.

[CrossRef] [Google Scholar] [Publisher Link]

[10] Abdulmohsen Algarni, Zulfiqar Ahmad, and Mohammed Alaa Ala’Anzy, “An Edge Computing-Based and Threat Behavior-Aware Smart Prioritization Framework for Cybersecurity Intrusion Detection and Prevention of IEDS in Smart Grids with Integration of Modified LGBM and One Class-SVM Models,” IEEE Access, vol. 12, pp. 104948-104963, 2024.

[CrossRef] [Google Scholar] [Publisher Link]

[11] Yao Sun et al., “User Behavior Aware Cell Association in Heterogeneous Cellular Networks,” IEEE Wireless Communications and Networking Conference, San Francisco, CA, USA, pp. 1-6, 2017.

[CrossRef] [Google Scholar] [Publisher Link]

[12] Ruyan Wang et al., “Malicious-Behavior-Aware D2D Link Selection Mechanism,” IEEE Access, vol. 5, pp. 15162-15173, 2017.

[CrossRef] [Google Scholar] [Publisher Link]

[13] Serhii Denysiuk, Denys Derevianko, and Halyna Bielokha, “Synthesis of Models of the Complex Electric Power Systems,” Power Systems Research and Operation, pp. 107-131, 2023.

[CrossRef] [Google Scholar] [Publisher Link]

[14] Liwan Qi et al., “Pricing Design for EV Platoon Charging Network with Hybrid Traffic Flows,” IEEE Transactions on Transportation Electrification, vol. 11, no. 1, pp. 1431-1441, 2025.

[CrossRef] [Google Scholar] [Publisher Link]

[15] Georgios Fragkos, Jay Johnson, and Eirini Eleni Tsiropoulou, “Dynamic Role-Based Access Control Policy for Smart Grid Applications: an Offline Deep Reinforcement Learning Approach,” IEEE Transactions on Human-Machine Systems, vol. 52, no. 4, pp. 761-773, 2022.

[CrossRef] [Google Scholar] [Publisher Link]

[16] Nastaran Jadidi, and Mohsen Varmazyar, A Survey of Cyber-Physical Systems Applications (2017–2022), Handbook of Smart Energy Systems, Springer Nature Link, pp. 1-29, 2023.

[CrossRef] [Google Scholar] [Publisher Link]

[17] Ismail AlQerm et al., “Behave: Behavior-Aware, Intelligent and Fair Resource Management for Heterogeneous Edge-Iot Systems,” IEEE Transactions on Mobile Computing, vol. 21, no. 11, pp. 3852-3865, 2022.

[CrossRef] [Google Scholar] [Publisher Link]

[18] Juraj Smeriga, and Tomas Jirsik, “Behavior-Aware Network Segmentation Using IP Flows,” Proceedings of the 14^th International Conference on Availability, Reliability and Security, pp. 1-9, 2019.

[CrossRef] [Google Scholar] [Publisher Link]

[19] Ahmad K. Al Hwaitat et al., “Overview of Mobile Attack Detection and Prevention Techniques Using Machine Learning,” International Journal of Interactive Mobile Technologies, vol. 18, no. 10, pp. 1-33, 2024.

[CrossRef] [Google Scholar] [Publisher Link]

[20] Maryam Babaee et al., “Optimizing Post-Disaster Road Restoration with Reinforcement Learning: A Traveler-Behavior-Aware Approach,” SSRN, pp. 1-36, 2025.

[CrossRef] [Google Scholar] [Publisher Link]

[21] Asghar Tajoddin, and Saeed Jalili, “HM3alD: Polymorphic Malware Detection using Program Behavior-Aware Hidden Markov Model,” Applied Sciences, vol. 8, no. 7, pp. 1-23, 2018.

[CrossRef] [Google Scholar] [Publisher Link]

[22] Wai-Xi Liu et al., “QALL: Distributed Queue-Behavior-Aware Load Balancing Using Programmable Data Planes,” IEEE Transactions on Network and Service Management, vol. 21, no. 2, pp. 2303-2322, 2024.

[CrossRef] [Google Scholar] [Publisher Link]

[23] Sowmya-javvadhi/synthetic-dataset, 2025. [Online]. Available: https://github.com/Sowmya-javvadhi/synthetic-dataset

[24] Siddharth Singh Khati, Sunil K. Singh, and Akash Sharma, “Secure Internet of Behavior (IOB): Challenges and Future Directions,” Data Science Insights Magazine, vol. 2, pp. 1-4, 2022.

[Google Scholar] [Publisher Link]

[25] Eniola Akinola Odedina, “Securing the Human Element in AI-Powered Cyber Defences: A Zero Trust Perspective,” International Journal of Innovative Science and Research Technology, vol. 10, no. 4, pp. 2103-2112, 2025.

[CrossRef] [Google Scholar] [Publisher Link]

[26] Ricardo Alfredo Cajo Diaz et al., “Context Aware Control Systems: An Engineering Applications Perspective,” IEEE Access, vol. 8, pp. 215550-215569, 2020.

[CrossRef] [Google Scholar] [Publisher Link]