Tenko: A Zero Trust Inspired Framework for Real-Time Network Defense via Intelligent Thresholding and Node-Level Anomaly Scoring
dc.contributor.author | Bhola, Sahil | en |
dc.contributor.committeechair | Burger, Eric William | en |
dc.contributor.committeechair | Cameron, Melissa | en |
dc.contributor.committeemember | Ji, Bo | en |
dc.contributor.department | Computer Science & Applications | en |
dc.date.accessioned | 2025-06-14T08:00:37Z | en |
dc.date.available | 2025-06-14T08:00:37Z | en |
dc.date.issued | 2025-06-13 | en |
dc.description.abstractgeneral | As our digital world becomes more connected, detecting unusual or harmful behavior on networks is more important than ever. Traditional systems that monitor for cyber threats often rely on fixed rules or need labeled examples of attacks, which makes them less effective in real-world, fast-changing environments. This thesis introduces Tenko, a smarter and more adaptable system that identifies suspicious activity on networks in real time—without needing prior knowledge of what an attack looks like. Built as an improvement to an earlier system called Kitsune, Tenko keeps track of how devices behave over time, rather than treating each activity as an isolated event. This means it can better recognize when a device gradually starts acting suspicious, while avoiding false alarms from short-lived or harmless changes. What sets Tenko apart is its ability to learn and adjust dynamically. It uses a lightweight memory system to remember past behaviors and prioritize more recent ones, helping it make more accurate decisions. It also includes a secure blockchain-based method to store and share trust information about devices, which allows the system to work across different parts of a network while staying secure and tamper-proof. To test its performance, Tenko was evaluated on a set of real-world network attacks and showed clear improvements over existing methods—detecting more threats while creating fewer false alarms and missing fewer attacks. This research offers a practical and scalable way to improve cybersecurity, especially in systems where threats evolve constantly and fast, such as smart homes, IoT networks, and critical infrastructure. | en |
dc.description.degree | Master of Science | en |
dc.format.medium | ETD | en |
dc.identifier.other | vt_gsexam:44185 | en |
dc.identifier.uri | https://hdl.handle.net/10919/135515 | en |
dc.language.iso | en | en |
dc.publisher | Virginia Tech | en |
dc.rights | In Copyright | en |
dc.rights.uri | http://rightsstatements.org/vocab/InC/1.0/ | en |
dc.subject | Intrusion Detection System | en |
dc.subject | Zero Trust Architecture | en |
dc.title | Tenko: A Zero Trust Inspired Framework for Real-Time Network Defense via Intelligent Thresholding and Node-Level Anomaly Scoring | en |
dc.type | Thesis | en |
thesis.degree.discipline | Computer Science & Applications | en |
thesis.degree.grantor | Virginia Polytechnic Institute and State University | en |
thesis.degree.level | masters | en |
thesis.degree.name | Master of Science | en |