GAZETA: GAme-Theoretic ZEro-Trust Authentication for Defense Against Lateral Movement in 5G IoT Networks

IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY (2024)

Abstract
The increasing connectivity of 5G Internet of Things networks has enlarged the attack surface and made traditional security defenses inadequate against sophisticated attackers, who, once they have built a foothold in the network, can move laterally from node to node using stored credentials. There is a need to shift from perimeter-based defense to a zero-trust security framework that focuses on agent-centric trust evaluation and access policies to identify malicious attackers and proactively delay their lateral movement while ensuring system performance. In this work, we propose a GAme-theoretic ZEro-Trust Authentication framework, known as GAZETA, to design interdependent trust evaluation and authentication policies using dynamic game models. The stealthy and dynamic behaviors of the agent are captured by a Markov game with one-sided incomplete information. We provide a quantitative trust evaluation mechanism for the agent and update its trust score continuously based on observations. The analysis of the equilibrium not only provides a way to quantitatively assess the security posture of the network but also enables a formal method for designing zero-trust authentication policies. We propose a moving-horizon computational method to enable online decisions and rapid responses to environmental changes. This online computation also enables a dynamic trust evaluation that integrates multiple sources of security evidence. We use a case study to illustrate the resilience, robustness, and efficiency of the proposed zero-trust approach.
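The abstract describes a defender holding a belief over an agent's hidden type (the one-sided incomplete information), updating a trust score from observations, and gating authentication on that score. The following is an added illustration of that idea, not the paper's model: the observation categories, likelihood values, prior and thresholds are all assumed, and the paper's Markov game and moving-horizon solver are not reproduced.

```python
from dataclasses import dataclass

# Constructed, assumed likelihoods P(observation | agent type) for a few
# security-evidence categories; none of these values come from the paper.
LIKELIHOOD = {
    "benign":    {"normal": 0.90, "unusual_host": 0.07, "cred_reuse": 0.03},
    "malicious": {"normal": 0.50, "unusual_host": 0.30, "cred_reuse": 0.20},
}


@dataclass
class TrustState:
    belief_malicious: float  # defender's belief that the agent is malicious

    @property
    def trust(self) -> float:
        # Trust score is the complement of the malicious belief.
        return 1.0 - self.belief_malicious


def update_belief(state: TrustState, observation: str) -> TrustState:
    """One Bayesian update of the defender's belief over the hidden agent type."""
    p = state.belief_malicious
    lm = LIKELIHOOD["malicious"][observation]
    lb = LIKELIHOOD["benign"][observation]
    posterior = (lm * p) / (lm * p + lb * (1.0 - p))
    return TrustState(posterior)


def authenticate(trust: float, grant_at: float = 0.8, stepup_at: float = 0.4) -> str:
    """Threshold authentication policy on the trust score (thresholds assumed).

    grant    -> access allowed with current credentials
    step-up  -> re-authentication (e.g. MFA) required before access
    deny     -> request refused; the agent should be isolated for review
    """
    if trust >= grant_at:
        return "grant"
    if trust >= stepup_at:
        return "step-up"
    return "deny"


def run(observations, prior_malicious: float = 0.05):
    """Replay a sequence of observations, returning (obs, trust, decision) per step."""
    state = TrustState(prior_malicious)
    decisions = []
    for obs in observations:
        state = update_belief(state, obs)
        decisions.append((obs, round(state.trust, 3), authenticate(state.trust)))
    return decisions


if __name__ == "__main__":
    # Constructed trace: an agent that starts normally, then reuses credentials.
    for row in run(["normal", "unusual_host", "cred_reuse", "cred_reuse"]):
        print(row)
```

Because the belief is updated rather than reset, a single anomalous event only triggers step-up, while repeated credential reuse drives the score into the deny region even though each request on its own would have passed a perimeter check.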
Keywords
Zero-trust security, lateral movement, Internet of Things, game theory, cybersecurity