信息安全研究2024,Vol.10Issue(10):921-927,7.DOI:10.12379/j.issn.2096-1057.2024.10.05
行为异常检测技术在零信任访问控制中的应用
Application of Behavior Anomaly Detection in Zero Trust Access Control Method
摘要
Abstract
Zero trust is a solution to the problem of fuzzy network boundaries and has been widely used in many access control methods.Most zero-trust access control methods only use statistical methods to calculate trust values,which has poor ability to prevent unknown risks and lacks adaptability to different users.A zero-trust access control method that applies behavior anomaly detection was proposed to solve those problems.The proposed method designed a trust engine that included a behavior anomaly detection strategy,which can use autoencoders and bidirectional long short-term memory neural networks to characterize user behavior patterns.The proposed method used the mean square error loss function to describe the degree of abnormality in user behavior,and calculated the trust value together with other elements.The proposed method used abnormal behavior representation values to set trust thresholds and adaptively adjust access policies.The experimental results show that the proposed method is sensitive to the correlation between user behaviors.The proposed method can detect the abnormal behaviors and stop the authorization,which achieve continuous trust evaluation and fine-grained access control.关键词
零信任/访问控制/信任评估/长短期记忆神经网络/异常检测Key words
zero trust/access control/trust evaluation/bidirectional long short-term memory neural network/anomaly detection分类
信息技术与安全科学引用本文复制引用
金志刚,林亮成,陈旭阳..行为异常检测技术在零信任访问控制中的应用[J].信息安全研究,2024,10(10):921-927,7.基金项目
国家自然科学基金项目(52171337) (52171337)
