A zero-trust decentralized identifier specification based machine learning against cyber-attacks in blockchain based self-sovereign identity
摘要
Self-sovereign identity (SSI) in cloud environments leverages decentralized identifier documents (DIDDs) and verifiable credentials (VCs) to enable decentralized, trustless digital identity management. While these systems provide secure endpoints and rely on cryptographic proofs, unverified embedded endpoints introduce phishing risks from both insiders and external attackers. In this paper, we propose a zero-trust specification for DIDDs and VCs in blockchain-based SSI solutions. Our approach involves analyzing and processing DIDDs and VCs endpoints using machine learning-based detection models. Since trust is not solely a technical compliance issue, our solution incorporates fuzzy logic to enable customization, ensuring adaptability across diverse environments without compromising trust levels. The proposed scheme was evaluated using three well-known machine learning algorithms: Random Forest (96.6% accuracy), XGBoost (96.2%), and LGBM (95.9%), demonstrating high efficacy in enhancing zero-trust security for blockchain-based SSI systems. Quantitative analysis of trust quality in DIDDs/VCs across thresholds (0.1–0.9) revealed strong discriminative performance, with 95% of values exceeding the 0.7 threshold. Additionally, fuzzy logic integration further reduced social engineering risks, achieving an 18% decline in successful attacks through automated high-risk endpoint flagging.