


Secure API Management Using Zero Trust Architecture and AI-Based Threat Detection and Prevention


Authors : N. Shalini; K. Jishnu; M. Sonuu; K. Jaideep

Volume/Issue : Volume 11 - 2026, Issue 3 - March


Google Scholar : https://tinyurl.com/4yff36cj

Scribd : https://tinyurl.com/5hyvzphz

DOI : https://doi.org/10.38124/ijisrt/26mar1775



Abstract : Modern applications rely heavily on APIs, which makes them a major target for cyberattacks. Traditional security models focus mainly on perimeter protection and often fail to provide continuous verification after a user is authenticated. This work presents an AI-powered Zero Trust API Security Platform designed to monitor, detect, and automatically respond to suspicious API behavior in real time. The system combines rule-based behavioral analytics with an unsupervised machine learning model (Isolation Forest) to identify both known attack patterns and previously unseen anomalies. The platform implements multi-layer security using JWT authentication, role-based access control, IP rate limiting, and token revocation mechanisms. A behavioral analytics engine evaluates each request against multiple threat detection rules covering injection attacks, credential abuse, endpoint scanning, and automated attack tools. In parallel, a Python-based ML service analyzes request features to assign anomaly scores that trigger automated blocking when risk exceeds a defined threshold. Real-time WebSocket alerts provide administrators with continuous visibility into threat activity. The system was developed using Spring Boot, React, PostgreSQL, MongoDB, and Python Flask and validated through simulated attack scenarios. Results show that the combined rule-based and ML approach enables fast detection and automated remediation of diverse API threats. During implementation, challenges related to feature selection and balancing detection sensitivity with false positives were observed, highlighting the need for adaptive security models in dynamic API environments. This work demonstrates that integrating Zero Trust principles with AI-driven behavioral monitoring can provide a practical and scalable approach to securing modern API-driven applications.

Keywords : Zero Trust Architecture, API Security, Machine Learning, Anomaly Detection, Isolation Forest, Behavioral Analytics, Threat Detection, JWT Authentication, RBAC, Real-Time Prevention, Cybersecurity.
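
The decision path the abstract describes (rule checks in parallel with an Isolation Forest score, blocking once the score reaches a threshold) can be sketched as follows; this is an added example, not the authors' code. The two rule signatures, the three request features, the 0.7 threshold and the traffic window are assumptions constructed for illustration, and each tree is grown on the whole window rather than on a subsample.

```python
import math
import random
import re

# Assumed signatures (constructed; the paper's own rules are not shown on this page).
RULES = {"injection": re.compile(r"\bunion\s+select\b|<script\b", re.I),
         "attack_tool": re.compile(r"sqlmap|nikto", re.I)}

def c(n):  # average path length of an unsuccessful BST search (Liu et al., 2008)
    return float(max(n - 1, 0)) if n <= 2 else (
        2 * (math.log(n - 1) + 0.5772156649) - 2 * (n - 1) / n)

def grow(rows, depth, limit, rng):  # one isolation tree; a leaf is its row count
    if depth >= limit or len(rows) <= 1:
        return len(rows)
    f = rng.randrange(len(rows[0]))
    lo, hi = min(r[f] for r in rows), max(r[f] for r in rows)
    if lo == hi:
        return len(rows)
    s = rng.uniform(lo, hi)
    return (f, s, grow([r for r in rows if r[f] < s], depth + 1, limit, rng),
            grow([r for r in rows if r[f] >= s], depth + 1, limit, rng))

def path_length(x, node, depth=0):
    if isinstance(node, int):
        return depth + c(node)  # credit the unbuilt subtree below a leaf
    f, s, left, right = node
    return path_length(x, left if x[f] < s else right, depth + 1)

def fit(rows, trees=100, seed=7):
    rng = random.Random(seed)
    limit = math.ceil(math.log2(len(rows)))
    return [grow(rows, 0, limit, rng) for _ in range(trees)], len(rows)

def anomaly_score(x, model):  # near 1 = anomalous, below 0.5 = normal
    forest, n = model
    return 2 ** (-sum(path_length(x, t) for t in forest) / len(forest) / c(n))

def decide(request, features, model, threshold=0.7):  # rule hit OR score >= threshold
    text = request["path"] + " " + request["user_agent"]
    hits = [name for name, rx in RULES.items() if rx.search(text)]
    score = anomaly_score(features, model)
    return {"block": bool(hits) or score >= threshold, "rules": hits, "score": score}

# Constructed window: 127 baseline rows (requests/min, error ratio, payload KB) + one burst.
_rng = random.Random(1)
WINDOW = [(_rng.gauss(20, 4), abs(_rng.gauss(0.02, 0.01)), _rng.gauss(2, 0.5))
          for _ in range(127)] + [(400.0, 0.9, 64.0)]  # last row is the burst
MODEL = fit(WINDOW)
```

The burst row is blocked by score alone with no rule hit, while a request with baseline features is blocked only when a signature matches, which is why the two detectors are combined with a logical OR.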

