
Mitigating Session Hijacking through Zero-Trust Continuous Authentication and Behavioral Biometrics

Author(s):

Pankaj Narwade, Modern College of Engineering, Pune; Dr. Prakash Kene, Modern College of Engineering, Pune

Keywords:

Zero-Trust Architecture, Continuous Authentication, Keystroke Dynamics, Mouse Trajectory, Web Bluetooth API, MERN Stack, Session Hijacking

Abstract

This research proposes a Zero-Trust Continuous Authentication (ZTCA) framework to combat modern session hijacking attacks, such as those from "Infostealer" malware that steal active session cookies to bypass traditional Multi-Factor Authentication (MFA). The framework integrates two verification layers: a Behavioral Biometrics layer that passively monitors user-specific patterns like keystroke dynamics and mouse movements to calculate a real-time "Trust Score," and a Cryptographic Ambient Signals layer that uses the Web Bluetooth API to perform a challenge-response handshake, ensuring the physical proximity of a trusted device and preventing MAC spoofing. Implemented on a MERN-stack architecture, this multi-modal approach is designed to significantly reduce the False Acceptance Rate for hijacked sessions while maintaining low latency and minimal disruption to the user, shifting security from a single login event to a continuous trust model.
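
The challenge-response handshake named in the abstract, sketched server-side in Node.js as an added example (not the paper's code). HMAC-SHA256, a pre-enrolled per-device key, the 5-second freshness window, and all function names are assumptions; the Web Bluetooth transport is left out.

```javascript
// Added example: server-side proximity challenge-response (assumed HMAC-SHA256 design).
const { createHmac, randomBytes, timingSafeEqual } = require('node:crypto');

const CHALLENGE_TTL_MS = 5000;           // assumed freshness window
const pending = new Map();               // sessionId -> { nonce, expires }

// Issue a single-use random challenge bound to one session.
function issueChallenge(sessionId, now = Date.now()) {
  const nonce = randomBytes(32);
  pending.set(sessionId, { nonce, expires: now + CHALLENGE_TTL_MS });
  return nonce;
}

// What the trusted device computes with the key it enrolled (device side).
function deviceResponse(deviceKey, sessionId, nonce) {
  return createHmac('sha256', deviceKey).update(sessionId).update(nonce).digest();
}

// Verify the response; the challenge is consumed whether or not it verifies.
function verifyResponse(deviceKey, sessionId, response, now = Date.now()) {
  const entry = pending.get(sessionId);
  pending.delete(sessionId);             // single use: a captured answer cannot be replayed
  if (!entry) return 'no-challenge';
  if (now > entry.expires) return 'expired';
  const expected = deviceResponse(deviceKey, sessionId, entry.nonce);
  const ok = response.length === expected.length && timingSafeEqual(response, expected);
  return ok ? 'ok' : 'bad-response';
}

// Constructed scenario: a cookie thief knows the session id and device MAC, not the key.
function demo() {
  const key = randomBytes(32);           // enrolled per-device secret (constructed)
  const sid = 'sess-constructed-001';
  const results = {};
  let nonce = issueChallenge(sid, 0);
  const good = deviceResponse(key, sid, nonce);
  results.legit = verifyResponse(key, sid, good, 1000);
  results.replay = verifyResponse(key, sid, good, 1500);       // no live challenge left
  nonce = issueChallenge(sid, 2000);
  results.staleAnswer = verifyResponse(key, sid, good, 2500);  // old answer, new nonce
  nonce = issueChallenge(sid, 3000);
  const forged = deviceResponse(Buffer.from('AA:BB:CC:DD:EE:FF'), sid, nonce); // MAC only
  results.spoofedMac = verifyResponse(key, sid, forged, 3500);
  nonce = issueChallenge(sid, 4000);
  results.late = verifyResponse(key, sid, deviceResponse(key, sid, nonce), 10000);
  return results;
}

console.log(demo());
```

Any result other than `ok` is a signal to lower the session's trust and require re-authentication, since possession of the cookie and the device address alone cannot produce a valid response.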

Other Details

Paper ID: IJSRDV14I30104
Published in: Volume: 14, Issue: 3
Publication Date: 01/06/2026
Page(s): 150-158
