You, Mingshan (2022) An Adaptive Machine Learning Framework for Access Control Decision Making. Research Master thesis, Victoria University.

Abstract

With the increasing popularity of information systems and digital devices, data leakage has become a serious threat on a global scale. Access control is recognised as the first defence to guarantee that only authorised users can access sensitive data and thus prevent data leakage. However, currently widely used attributebased access control (ABAC) is costly to configure and manage for large-scale information systems. Furthermore, misconfiguration and policy explosion are two significant challenges for ABAC strategies. In recent years, machine learning technologies have been more applied in access control decision-making to improve the automation and performance of access control decisions. Nevertheless, existing studies usually fail to consider the dynamic class imbalance problem in access control and thus achieve poor performance on minority classes. In addition, the concept drift problem caused by the evolving user and resource attributes, user behaviours, and access environments is also challenging to tackle. This thesis focuses on leveraging machine learning algorithms to make more accurate and adaptive access control decisions. Specifically, a minority class boosted framework is proposed to address the possible concept drifts caused by evolving users’ behaviours and system environments. Its basic idea is to adopt an incremental batch learning strategy to update the classifier continuously. Within this framework, a boosting window (BW) algorithm is specially designed to boost the performance of the minority class since the minority class is fatal for data protection in access control problems. Furthermore, to improve the overall performance of access control, this study adopts a knowledge graph to mine the interlinked relationships between users and resources. A knowledge graph construction algorithm is designed to build a domain-specific knowledge graph. The constructed knowledge graph is also adopted into an online learning framework for access control decision-making. The proposed frameworks and algorithms are evaluated and verified through two open-source real-world Amazon datasets. Experimental results show that the proposed BW algorithm effectively boosts the performance of the minority class. Furthermore, using topological features extracted from our constructed access control knowledge graph can improve access control performance in both offline and online learning scenarios.

Search Google Scholar

Repository staff login