AI-Driven Next-Generation Firewall for Dynamic Threat Detection and Zero Trust Implementation
Authors
Department of Computer Science and Engineering, IIMT College of Engineering, Greater Noida, Uttar Pradesh (India)
Article Information
DOI: 10.51584/IJRIAS.2025.10120052
Subject Category: Artificial Intelligence
Volume/Issue: 10/12 | Page No: 672-682
Publication Timeline
Submitted: 2025-12-26
Accepted: 2025-12-31
Published: 2026-01-15
Abstract
The increasing adoption of cloud computing, remote work environments, Internet of Things (IoT) devices, and encrypted communication has significantly expanded the attack surface of modern enterprise networks. Traditional rule-based and signature-driven firewall systems are no longer sufficient to defend against advanced cyber threats such as zero-day attacks, lateral movement, and stealthy intrusion attempts. These conventional approaches lack adaptability, generate high false-positive rates, and fail to provide the continuous trust evaluation required in dynamic network environments.
To address these limitations, this paper proposes an AI-driven next-generation firewall (NGFW) architecture designed to support dynamic threat detection and Zero Trust implementation. The proposed framework integrates network traffic monitoring, behavioral flow analysis, AI-based threat detection, and dynamic policy enforcement into a unified security system. By analyzing traffic patterns at the flow level, the system continuously evaluates risk and enforces least-privilege access decisions without relying on static rules or predefined signatures.
Keywords
Next-generation firewall (NGFW), AI-Driven Network Security, Dynamic Threat Detection