Application of Behavior Anomaly Detection in Zero Trust Access #br#
Control Method#br#

Journal of Information Security Reserach ›› 2024, Vol. 10 ›› Issue (10): 921-.

Previous Articles Next Articles

Application of Behavior Anomaly Detection in Zero Trust Access #br# Control Method#br#

Jin Zhigang1, Lin Liangcheng2, and Chen Xuyang1#br#

1(School of Electrical and Information Engineering, Tianjin University, Tianjin 300072)
2(SLJI Testing Technology (Beijing) Co., Ltd., State Grid, Beijing 102211)

Online:2024-10-15 Published:2024-10-15

行为异常检测技术在零信任访问控制中的应用

金志刚1林亮成2陈旭阳1

1(天津大学电气自动化与信息工程学院天津300072)
2(国家电网有限公司思极检测技术(北京)有限公司北京102211)

通讯作者: 金志刚博士，教授.主要研究方向为无线网络与网络安全. zgjin@tju.edu.cn
作者简介:金志刚博士，教授.主要研究方向为无线网络与网络安全. zgjin@tju.edu.cn 林亮成硕士，高级工程师.主要研究方向为电网信息通信技术. Work_0001@126.com 陈旭阳硕士研究生.主要研究方向为网络安全. chen_xuyang@tju.edu.cn

Abstract

Abstract: Zero trust is a solution to the problem of fuzzy network boundaries and has been widely used in many access control methods. Most zerotrust access control methods only use statistical methods to calculate trust values, which has poor ability to prevent unknown risks and lacks adaptability to different users. A zerotrust access control method that applies behavior anomaly detection was proposed to solve those problems. The proposed method designed a trust engine that included a behavior anomaly detection strategy, which can use autoencoders and bidirectional long shortterm memory neural networks to characterize user behavior patterns. The proposed method used the mean square error loss function to describe the degree of abnormality in user behavior, and calculated the trust value together with other elements. The proposed method used abnormal behavior representation values to set trust thresholds and adaptively adjust access policies. The experimental results show that the proposed method is sensitive to the correlation between user behaviors. The proposed method can detect the abnormal behaviors and stop the authorization, which achieve continuous trust evaluation and finegrained access control.

Key words: zero trust, access control, trust evaluation, bidirectional long shortterm memory neural network, anomaly detection

摘要： 零信任有效解决了网络边界模糊的问题，在多种访问控制方法中得到广泛应用.针对大部分零信任访问控制方法仅使用简单统计方法计算信任评分、防范未知风险能力较差、缺乏对不同用户的自适应能力的问题，提出了一种引入行为异常检测的零信任访问控制方法.该方法设计了一种结合行为异常检测策略的信任引擎，通过自编码器和双向长短期记忆神经网络的建模能力，表征用户的行为模式，利用均方误差损失函数计算异常行为表征值，同时融合其他要素计算信任评分.该方法利用异常行为表征值设定信任阈值，以自适应调整用户访问策略.实验结果表明，所提方法对用户行为间的关联敏感，能够识别用户的异常行为并阻止授权，实现持续评估、细粒度的访问控制.

关键词: 零信任, 访问控制, 信任评估, 长短期记忆神经网络, 异常检测

CLC Number:

TP309

金志刚, 林亮成, 陈旭阳, . 行为异常检测技术在零信任访问控制中的应用[J]. 信息安全研究, 2024, 10(10): 921-.

References

［1］王斯梁, 冯暄, 蔡友保, 等. 零信任安全模型解析及应用研究［J］. 信息安全研究, 2020, 6(11): 966971［2］Bobbert Y, Scheerder J. Zero trust validation: From practice to theory: An empirical research project to improve zero trust implementations［C］ Proc of the 29th IEEE Annual Software Technology Conference. Piscataway, NJ: IEEE, 2022: 93104［3］诸葛程晨, 王群, 刘家银, 等. 零信任网络综述［J］. 计算机工程与应用, 2022, 58(22): 1229［4］Munasinghe S, Piyarathna N, Wijerathne E, et al. Machine learning based zero trust architecture for secure networking［C］ Proc of the 17th IEEE Int Conf on Industrial and Information Systems. Piscataway, NJ: IEEE, 2023: 16［5］He Yuanhang, Huang Daochao, Chen Lei, et al. A survey on zero trust archiecture［J］. Wireless Communications and Mobile Computing, 2022, 2022(1): 113［6］Yao Qigui, Wang Qi, Zhang Xiaojian, et al. Dynamic access control and authorization system based on zerotrust architecture［C］ Procs of the 2020 Int Conf on Control, Robotics and Intelligent System, New York: ACM, 2020: 123127［7］张刘天, 陈丹伟. 基于零信任的动态访问控制模型研究［J］. 信息安全研究, 2022, 8(10): 10081017［8］林奕夫, 陈雪, 许媛媛, 等. 基于零信任的动态访问控制模型研究［J］. 信息安全研究, 2024, 10(1): 8893［9］Yunanto W, Pao H K. User behavior risk evaluation in zero trust architecture environment［C］ Proc of the 8th IEEE World Forum on Internet of Things. Piscataway, NJ: IEEE, 2022: 16［10］Zhang Chenxin, He Jie, Fan Baixiang, et al. Tagbased trust evaluation in zero trust architecture［C］ Proc of the 4th Int Academic Exchange Conf on Science and Technology Innovation. Piscataway, NJ: IEEE, 2022: 772776［11］张宇, 张妍. 零信任研究综述［J］. 信息安全研究, 2020, 6(7): 608614［12］马俊辉. 基于零信任架构的智能家居动态访问控制模型［D］. 天津: 天津大学, 2021

[1]	. A Traceable Encryption Scheme for Medical Data Based on Smart Contract and Fog Computing [J]. Journal of Information Security Reserach, 2024, 10(6): 554-.
[2]	. Research on the Latticebased Access Control Encryption Technology [J]. Journal of Information Security Reserach, 2024, 10(4): 318-.
[3]	. Research on Zero Trust Access Control Model Based on Role and Attribute#br# #br# [J]. Journal of Information Security Reserach, 2024, 10(3): 241-.
[4]	. Malicious Client Detection and Defense Method for Federated Learning [J]. Journal of Information Security Reserach, 2024, 10(2): 163-.
[5]	. Research for Zero Trust Security Model [J]. Journal of Information Security Reserach, 2024, 10(10): 886-.
[6]	. A Retrospective and Future Development Study of Zero Trust Architecture [J]. Journal of Information Security Reserach, 2024, 10(10): 896-.
[7]	. Design of SDP Trust Evaluation Model Based on Federated Learning [J]. Journal of Information Security Reserach, 2024, 10(10): 903-.
[8]	. Research and Implementation of Intelligent Permission Management [J]. Journal of Information Security Reserach, 2024, 10(10): 912-.
[9]	. Data Sharing Access Control Method for Distribution Terminal IoT #br# Based on Zero Trust Architecture and Least Privilege Principle#br# [J]. Journal of Information Security Reserach, 2024, 10(10): 937-.
[10]	. A Blockchain Access Control Model for Grain Traceability Based on #br# Zerotrust Mechanism#br# [J]. Journal of Information Security Reserach, 2024, 10(10): 944-.
[11]	. Distributed Authentication Model Under Power IoT Zero Trust Architecture [J]. Journal of Information Security Reserach, 2024, 10(1): 67-.
[12]	. Power Sensitive Data Access Control Method Based on Zero Trust Security Model [J]. Journal of Information Security Reserach, 2024, 10(1): 88-.
[13]	. Research on Blockchain Abnormal Transaction Detection Technology Based on LightGBM [J]. Journal of Information Security Reserach, 2023, 9(9): 877-.
[14]	. Research and Application of 5G Private Network Access Security Management and Control Scheme Based on DNAAA [J]. Journal of Information Security Reserach, 2023, 9(8): 784-.
[15]	. Towards a Privacy-preserving Research for AI and Blockchain Integration [J]. Journal of Information Security Reserach, 2023, 9(6): 557-.

Application of Behavior Anomaly Detection in Zero Trust Access #br# Control Method#br#

行为异常检测技术在零信任访问控制中的应用

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics