<p>Attribute-based access control provides expressive policies but is difficult to scale in dynamic systems that lack curated access control logs and manually designed attribute schemas. Existing methods either mine symbolic rules from structured logs, which are brittle under behavioral variation, or train black box classifiers that do not expose policy structure. This paper presents DACL, a framework that performs structured representation learning from network behavior augmented with security labels and identifier to entity bindings obtained from intrusion detection and asset inventories. DACL constructs a hybrid latent space with factorized variational modeling and vector quantization, separates behavioral factors that correlate with access decisions, and aligns selected dimensions with semantic attributes through lightweight supervision. Axis aligned predicates in this space are compiled into structured access policies in a format compatible with XACML policy engines. On CIC-IDS2017, CSE-CIC-IDS2018, and UNSW-NB15, DACL achieves F1 scores up to 0.946 and reduces the weighted structural complexity of the learned policies by 27% to 42% relative to symbolic and neural baselines. The resulting policies remain interpretable, can be linked to subject and resource attributes through external inventories, and can be enforced by standard XACML deployments without relying on pre existing attribute-based access control logs.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Structured Representation Learning from Network Behavior for Attribute-Based Access Control

  • Junjun Ding,
  • Yunxue Zhong,
  • Haofei Meng,
  • Wenwu Yu,
  • Yubo Song

摘要

Attribute-based access control provides expressive policies but is difficult to scale in dynamic systems that lack curated access control logs and manually designed attribute schemas. Existing methods either mine symbolic rules from structured logs, which are brittle under behavioral variation, or train black box classifiers that do not expose policy structure. This paper presents DACL, a framework that performs structured representation learning from network behavior augmented with security labels and identifier to entity bindings obtained from intrusion detection and asset inventories. DACL constructs a hybrid latent space with factorized variational modeling and vector quantization, separates behavioral factors that correlate with access decisions, and aligns selected dimensions with semantic attributes through lightweight supervision. Axis aligned predicates in this space are compiled into structured access policies in a format compatible with XACML policy engines. On CIC-IDS2017, CSE-CIC-IDS2018, and UNSW-NB15, DACL achieves F1 scores up to 0.946 and reduces the weighted structural complexity of the learned policies by 27% to 42% relative to symbolic and neural baselines. The resulting policies remain interpretable, can be linked to subject and resource attributes through external inventories, and can be enforced by standard XACML deployments without relying on pre existing attribute-based access control logs.