A hybrid machine learning and explainable AI framework for optimizing risk-based authentication
K Sasikumar and Sivakumar Nagarajan
PLOS ONE, 2026, vol. 21, issue 5, 1-26
Abstract:
As online platforms continue to grow, the need for strong authentication mechanisms becomes increasingly important to protect sensitive information and networks. Risk-Based Authentication (RBA) is an adaptive approach that dynamically adjusts authentication decisions based on user behavior and contextual information, thereby improving both security and user experience. This study proposes a hybrid RBA framework that integrates machine learning ensemble techniques, fuzzy logic, clustering, and optimization to enhance account takeover detection and dynamic risk assessment. The ensemble classifier, combining Gradient Boosting, SVM, and XGBoost, predicts the probability of account compromise based on login behavior, device attributes, and network information. K-Means clustering is used to generate initial risk thresholds (low, medium, and high), which are further refined using a fuzzy logic system to map probabilities to risk levels. The L-BFGS-B optimization algorithm is employed to fine-tune fuzzy membership boundaries and improve threshold consistency. Experimental results demonstrate strong performance, achieving 97.77% accuracy, 99.41% precision, 98.04% recall, 98.72% F1-score, and an EER of 0.0303. On large-scale datasets ranging from 2M to 30M records, the proposed framework demonstrates consistent improvement in authentication decisions. For the 2M dataset, Allow Login actions increase from 349,432 to 349,923, while Deny Login actions decrease from 1,462 to 1,228, along with a slight reduction in additional authentication prompts. Furthermore, the use of Explainable AI techniques, particularly SHAP, enhances the transparency and interpretability of the model, supporting more informed decision-making. Overall, the proposed framework is accurate, adaptive, and suitable for real-world risk-based authentication applications.
Date: 2026
Downloads: (external link)
https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0349095 (text/html)
https://journals.plos.org/plosone/article/file?id= ... 49095&type=printable (application/pdf)
Persistent link: https://EconPapers.repec.org/RePEc:plo:pone00:0349095
DOI: 10.1371/journal.pone.0349095
More articles in PLOS ONE from Public Library of Science