Chinese Journal of Network and Information Security, 2024, Vol. 10, Issue (3): 143-155, 13. DOI: 10.11959/j.issn.2096-109x.2024046
Automatic generation of AppArmor security policies based on large language models
Abstract
Operating system (OS) security has been considered a critical layer within the comprehensive security framework of computer information systems. Mandatory access control (MAC) mechanisms such as SELinux and AppArmor have been employed to strengthen OS security. However, significant challenges have been encountered in the application of MAC in practice, primarily involving the complexity of security policy configuration, which has demanded specialized expertise and often resulted in coarse-grained protection measures. Aimed at enhancing the process of generating security policies for AppArmor, an automated access control policy generation method was proposed based on large language models (LLM). The process began with a static analysis of the target application to extract preliminary security policy rules. Subsequently, the application was extensively executed to gather logs that achieved maximum code coverage. Large models, in conjunction with the gathered log information, static analysis outcomes, and few-shot learning, were utilized to autonomously generate security policies for applications. This approach significantly reduced the dependence on security experts, lowered manual labor costs, and diminished the subjectivity and complexity associated with manual security policy configurations. The efficacy of this methodology was demonstrated through a comparative analysis between the AppArmor security policies generated by this framework and the default policies, focusing on the policies' correctness, completeness, and succinctness. The experimental findings reveal that the generated policies are not only comprehensive and succinct but also do not impede the normal operation of the application. These results underscore the effectiveness of the proposed method in streamlining the security policy generation process and enhancing the quality of the policies.
Keywords
mandatory access control/AppArmor/security policy/static analysis
Classification
Information technology and security science
Cite this article
沙倚天, 刘少君, 钱欣, 吴越, 陈鹏, 刘行. Automatic generation of AppArmor security policies based on large language models[J]. Chinese Journal of Network and Information Security, 2024, 10(3): 143-155, 13.
Funding
State Grid Jiangsu Electric Power Co., Ltd. Science and Technology Project (J2023110)