Advanced Anomaly Detection and Threat Intelligence in Zero Trust IoT Environments Using Machine Learning

📅 2026-04-25
📈 Citations: 0
Influential: 0
🤖 AI Summary
This study addresses the limitations of traditional perimeter-based security in IoT environments that are moving to a zero-trust model, in particular weak anomaly-detection accuracy and poor use of threat intelligence. It proposes a detection pipeline that applies SMOTE oversampling to correct class imbalance and then trains supervised classifiers (support vector machine, random forest, decision tree) on the rebalanced data. Edge-based machine learning and blockchain are examined as supplementary approaches for malicious-URL and advanced persistent threat (APT) detection, not as part of the core classifier pipeline. Evaluation on the KDD Cup 1999 dataset indicates that rebalancing lowers false-positive rates and raises intrusion-detection accuracy for these models. Note that KDD Cup 1999 is derived from the 1998 DARPA intrusion-detection evaluation's simulated network traffic rather than from IoT devices, so the reported gains describe classifier behaviour on that benchmark, and carrying them over to IoT traffic is an assumption the reader should test on their own data.

📝 Abstract
The growing adoption of IoT and cloud computing, combined with rapid advances in digital technologies, has considerably increased the cyber-attack surface, resulting in increasingly complex and persistent attacks. Traditional security methods, primarily based on perimeter defenses, are insufficient against these evolving threats, especially within a Zero Trust Security (ZTS) architecture. This study investigates the application of artificial intelligence (AI) and machine learning (ML) techniques, including the Synthetic Minority Oversampling Technique (SMOTE), to improve anomaly detection and threat intelligence systems. It focuses on how Support Vector Machine (SVM), Random Forest (RF), and Decision Tree (DT) classifiers can increase threat-detection accuracy in IoT environments. The research aims to improve cybersecurity resilience by reducing false positives and providing actionable intelligence through supervised learning algorithms. The KDD Cup 1999 dataset is used to assess how well these models distinguish various simulated network intrusions from normal traffic. Applying SMOTE significantly improved the performance of these models by addressing class imbalance, leading to higher detection accuracy. Furthermore, edge-based machine learning and blockchain technology are investigated as supplementary methods for detecting malicious URLs and advanced persistent threats (APTs). The study addresses the shortcomings of conventional security systems and supports the growing demand for reliable threat detection in an increasingly interconnected world. It also advances the creation of more proactive and adaptable cybersecur
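The abstract describes the core pipeline (rebalance the minority attack class with SMOTE, train a supervised classifier, then measure false positives and detection rate) without showing it. The block below is an added, self-contained illustration written for this page; it is not code from the paper. It implements SMOTE itself (interpolating each minority sample toward one of its k nearest minority neighbours) and uses a small k-nearest-neighbours classifier as a stand-in for the paper's SVM/RF/DT models so that nothing beyond the Python standard library is needed. The dataset is constructed: two scaled flow features per record, with an attack cluster that overlaps the normal cluster, in place of KDD Cup 1999 features. Function names and the cluster ranges are assumptions for the example.

```python
"""Toy pipeline: SMOTE oversampling + kNN classifier, scored on false-positive
rate and attack recall. Standard library only; the data is constructed, not KDD'99."""
import random
from collections import Counter


def make_dataset(n_normal, n_attack, seed):
    """Constructed sample data: two features scaled to [0, 1] per record
    (think `count` and `serror_rate`), label 0 = normal, 1 = attack.
    The attack cluster overlaps the normal one so the minority class is hard."""
    rng = random.Random(seed)
    X = [(rng.uniform(0.0, 0.5), rng.uniform(0.0, 0.5)) for _ in range(n_normal)]
    X += [(rng.uniform(0.3, 0.8), rng.uniform(0.3, 0.8)) for _ in range(n_attack)]
    y = [0] * n_normal + [1] * n_attack
    return X, y


def euclid(a, b):
    return sum((p - q) ** 2 for p, q in zip(a, b)) ** 0.5


def smote(minority, n_synthetic, k=5, seed=0):
    """SMOTE (Chawla et al., 2002): pick a minority sample, pick one of its k
    nearest minority neighbours, emit a point at a random position on the
    segment between them. Synthetic points therefore stay inside the
    minority class's bounding box."""
    if len(minority) < 2:
        raise ValueError("SMOTE needs at least two minority samples")
    rng = random.Random(seed)
    k = min(k, len(minority) - 1)
    synthetic = []
    for _ in range(n_synthetic):
        i = rng.randrange(len(minority))
        x = minority[i]
        others = [p for j, p in enumerate(minority) if j != i]
        neighbours = sorted(others, key=lambda p: euclid(x, p))[:k]
        nn = rng.choice(neighbours)
        gap = rng.random()
        synthetic.append(tuple(xi + gap * (ni - xi) for xi, ni in zip(x, nn)))
    return synthetic


def balance_with_smote(X, y, seed=0):
    """Oversample every non-majority class up to the majority class size."""
    counts = Counter(y)
    target = max(counts.values())
    X_out, y_out = list(X), list(y)
    for label, n in counts.items():
        if n == target:
            continue
        minority = [x for x, lab in zip(X, y) if lab == label]
        synth = smote(minority, target - n, seed=seed)
        X_out.extend(synth)
        y_out.extend([label] * len(synth))
    return X_out, y_out


def knn_predict(X_train, y_train, x, k=5):
    """Majority vote among the k nearest training records (stand-in classifier)."""
    nearest = sorted(zip(X_train, y_train), key=lambda t: euclid(t[0], x))[:k]
    return Counter(lab for _, lab in nearest).most_common(1)[0][0]


def confusion(y_true, y_pred, positive=1):
    cm = {"tp": 0, "fp": 0, "tn": 0, "fn": 0}
    for t, p in zip(y_true, y_pred):
        if p == positive:
            cm["tp" if t == positive else "fp"] += 1
        else:
            cm["fn" if t == positive else "tn"] += 1
    return cm


def rates(cm):
    """Return (false-positive rate, attack recall); 0.0 when a denominator is empty."""
    fpr = cm["fp"] / (cm["fp"] + cm["tn"]) if cm["fp"] + cm["tn"] else 0.0
    recall = cm["tp"] / (cm["tp"] + cm["fn"]) if cm["tp"] + cm["fn"] else 0.0
    return fpr, recall


def evaluate(X_train, y_train, X_test, y_test, k=5):
    y_pred = [knn_predict(X_train, y_train, x, k) for x in X_test]
    return rates(confusion(y_test, y_pred))


def run_experiment():
    """Train on a 200:10 imbalanced set, score on a separate balanced test set,
    before and after SMOTE rebalancing."""
    X_train, y_train = make_dataset(200, 10, seed=7)
    X_test, y_test = make_dataset(100, 50, seed=11)
    before = evaluate(X_train, y_train, X_test, y_test)
    X_bal, y_bal = balance_with_smote(X_train, y_train)
    after = evaluate(X_bal, y_bal, X_test, y_test)
    return {
        "train_counts_before": dict(Counter(y_train)),
        "train_counts_after": dict(Counter(y_bal)),
        "before": {"fpr": before[0], "recall": before[1]},
        "after": {"fpr": after[0], "recall": after[1]},
    }


if __name__ == "__main__":
    for key, val in run_experiment().items():
        print(f"{key}: {val}")
```

Two things to watch when reading the output: SMOTE only interpolates between existing minority samples, so it cannot create attack patterns the training set never saw, and on overlapping classes it typically raises attack recall while also moving the false-positive rate. Report both numbers, as the paper does, rather than accuracy alone; on a 95:5 split a classifier that flags nothing already scores 95% accuracy.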
Problem

Research questions and friction points this paper is trying to address.

Anomaly Detection
Threat Intelligence
Zero Trust
IoT Security
Class Imbalance
Innovation

Methods, ideas, or system contributions that make the work stand out.

SMOTE
Zero Trust Security
Anomaly Detection
Edge Machine Learning
Blockchain