Application of Behavior Anomaly Detection in Zero Trust Access Control Method
Indexing: OA; Peking University Core Journals (北大核心); CSTPCD
Zero trust effectively addresses the problem of blurred network boundaries and has been widely adopted in many access control methods. Most zero-trust access control methods, however, compute trust scores using only simple statistical methods, are poor at guarding against unknown risks, and lack the ability to adapt to different users. To address these problems, a zero-trust access control method that incorporates behavior anomaly detection is proposed. The method designs a trust engine that includes a behavior anomaly detection strategy: it uses the modeling capability of autoencoders and bidirectional long short-term memory neural networks to characterize user behavior patterns, uses the mean square error loss function to compute an abnormal behavior representation value, and combines this value with other elements to calculate the trust score. The method uses the abnormal behavior representation values to set trust thresholds and thereby adaptively adjust user access policies. Experimental results show that the proposed method is sensitive to the correlation between user behaviors and can identify a user's abnormal behavior and block authorization, achieving continuously evaluated, fine-grained access control.
Jin Zhigang (金志刚); Lin Liangcheng (林亮成); Chen Xuyang (陈旭阳)
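School of Electrical and Information Engineering, Tianjin University, Tianjin 300072
Siji Testing Technology (Beijing) Co., Ltd., State Grid Corporation of China, Beijing 102211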
Computer Science and Automation
zero trust; access control; trust evaluation; bidirectional long short-term memory neural network; anomaly detection
Journal of Information Security Research (《信息安全研究》), 2024 (010)
921-927 / 7
National Natural Science Foundation of China project (52171337)