Skip to main content

A Minority Class Boosted Framework for Adaptive Access Control Decision-Making

  • Conference paper
  • First Online:
Web Information Systems Engineering – WISE 2021 (WISE 2021)

Abstract

Access control is an effective way to prevent data exfiltration from insiders. Recently, machine learning algorithms have been widely used in access control decision-making. However, these algorithms usually fail to consider the dynamic class imbalance in access control problems and thus achieve poor performance on minority classes. In addition, concept drift problems caused by evolving user and resource attributes, user behaviours and access environments are also challenges to tackle. This paper proposes a minority class boosted framework for adaptive access control methods. Specifically, this framework uses a continuous incremental batch learning strategy instead of a batch learning approach to handle the concept drift problem adaptively. Furthermore, a boosting window (BW) algorithm within the framework is specially designed to boost the performance of the minority class, thus, to decrease false positive decisions. The proposed framework is evaluated on a well-known Amazon employee access dataset and results demonstrate the effectiveness and flexibility of the proposed framework and BW algorithm.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    https://www.kaggle.com/c/amazon-employee-access-challenge.

References

  1. Bertino, E., Bonatti, P.A., Ferrari, E.: TRBAC: a temporal role-based access control model. In: Proceedings of the Fifth ACM Workshop on Role-Based Access Control, pp. 21–30 (2000)

    Google Scholar 

  2. Ding, S., Cao, J., Li, C., Fan, K., Li, H.: A novel attribute-based access control scheme using blockchain for IoT. IEEE Access 7, 38431–38441 (2019)

    Article  Google Scholar 

  3. Dutta, S., Chukkapalli, S.S.L., Sulgekar, M., Krithivasan, S., Das, P.K., Joshi, A.: Context sensitive access control in smart home environments. In: 2020 IEEE 6th International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing, (HPSC) and IEEE International Conference on Intelligent Data and Security (IDS), pp. 35–41. IEEE (2020)

    Google Scholar 

  4. Gupta, M., Awaysheh, F.M., Benson, J., Al Azab, M., Patwa, F., Sandhu, R.: An attribute-based access control for cloud-enabled industrial smart vehicles. IEEE Trans. Ind. Inform. (2020)

    Google Scholar 

  5. He, J., Rong, J., Sun, L., Wang, H., Zhang, Y., Ma, J.: A framework for cardiac arrhythmia detection from IoT-based ECGs. World Wide Web 23 (2020). https://doi.org/10.1007/s11280-019-00776-9

  6. Hu, V.C., Kuhn, D.R., Ferraiolo, D.F., Voas, J.: Attribute-based access control. Computer 48(2), 85–88 (2015)

    Article  Google Scholar 

  7. Jiang, H., Zhou, R., Zhang, L., Wang, H., Zhang, Y.: Sentence level topic models for associated topics extraction. World Wide Web 22 (2019). https://doi.org/10.1007/s11280-018-0639-1

  8. Kabir, E., Mahmood, A., Wang, H., Mustafa, A.: Microaggregation sorting framework for k-anonymity statistical disclosure control in cloud computing. IEEE Trans. Cloud Comput. PP, 1 (2015). https://doi.org/10.1109/TCC.2015.2469649

  9. Li, H., Wang, Y., Wang, H., Zhou, B.: Multi-window based ensemble learning for classification of imbalanced streaming data. World Wide Web 20, 1–19 (2017). https://doi.org/10.1007/s11280-017-0449-x

  10. Li, J., Zhang, B.: An ontology-based approach to improve access policy administration of attribute-based access control. Int. J. Inf. Comput. Secur. 11(4–5), 391–412 (2019)

    Google Scholar 

  11. Lu, J., Liu, A., Dong, F., Gu, F., Gama, J., Zhang, G.: Learning under concept drift: a review. IEEE Trans. Knowl. Data Eng. 31(12), 2346–2363 (2018)

    Google Scholar 

  12. McAfee: Grand theft data II: the drivers and shifting state of data breaches. Technical report, McAfee (2019). https://www.mcafee.com/enterprise/en-us/assets/reports/restricted/rp-data-exfiltration-2.pdf

  13. Miwa, M., Ananiadou, S.: Adaptable, high recall, event extraction system with minimal configuration. BMC Bioinform. 16(10), 1–11 (2015)

    Google Scholar 

  14. Moyer, M.J., Abamad, M.: Generalized role-based access control. In: Proceedings 21st International Conference on Distributed Computing Systems, pp. 391–398. IEEE (2001)

    Google Scholar 

  15. Paci, F., Squicciarini, A., Zannone, N.: Survey on access control for community-centered collaborative systems. ACM Comput. Surv. (CSUR) 51(1), 1–38 (2018)

    Article  Google Scholar 

  16. Sandhu, R.S.: Role-based access control. In: Advances in Computers, vol. 46, pp. 237–286. Elsevier (1998)

    Google Scholar 

  17. Servos, D., Osborn, S.L.: Current research and open problems in attribute-based access control. ACM Comput. Surv. (CSUR) 49(4), 1–45 (2017)

    Article  Google Scholar 

  18. Srivastava, K., Shekokar, N.: Machine learning based risk-adaptive access control system to identify genuineness of the requester. In: Gunjan, V.K., Zurada, J.M., Raman, B., Gangadharan, G.R. (eds.) Modern Approaches in Machine Learning and Cognitive Science: A Walkthrough. SCI, vol. 885, pp. 129–143. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-38445-6_10

    Chapter  Google Scholar 

  19. Sun, X., Wang, H., Li, J., Pei, J.: Publishing anonymous survey rating data. Data Min. Knowl. Discov. 23, 379–406 (2011). https://doi.org/10.1007/s10618-010-0208-4

  20. Sun, X., Wang, H., Plank, A.: An efficient hash-based algorithm for minimal k-anonymity. In: Proceedings of the Thirty-first Australasian Conference on Computer Science, vol. 74, pp. 101–107 (2008). https://doi.org/10.1145/1378279.1378297

  21. Verizon: Data breach investigations report. Technical report, Verizon (2020). https://enterprise.verizon.com/resources/reports/2020-data-breach-investigations-report.pdf

  22. Vimalachandran, P., Liu, H., Lin, Y., Ji, K., Wang, H., Zhang, Y.: Improving accessibility of the Australian my health records while preserving privacy and security of the system. Health Inf. Sci. Syst. 8 (2020). https://doi.org/10.1007/s13755-020-00126-4

  23. Wang, H., Cao, J., Zhang, Y.: Ticket-based service access scheme for mobile users. Australian Comput. Sci. Commun., 285–292 (2002). https://doi.org/10.1145/563857.563834

  24. Wang, H., Cao, J., Zhang, Y.: A flexible payment scheme and its role-based access control. IEEE Trans. Knowl. Data Eng. 17, 425–436 (2005). https://doi.org/10.1109/TKDE.2005.35

  25. Wang, H., Sun, L.: Trust-involved access control in collaborative open social networks. In: 2010 Fourth International Conference on Network and System Security, pp. 239–246. IEEE, September 2010. https://doi.org/10.1109/NSS.2010.13

  26. Wang, H., Sun, L., Bertino, E.: Building access control policy model for privacy preserving and testing policy conflicting problems. J. Comput. Syst. Sci. 80 (2014). https://doi.org/10.1016/j.jcss.2014.04.017

  27. Wang, H., Wang, Y., Taleb, T., Jiang, X.: Editorial: Special issue on security and privacy in network computing. World Wide Web 23 (2019). https://doi.org/10.1007/s11280-019-00704-x

  28. Wang, H., Zhang, Y., Cao, J.: Effective collaboration with information sharing in virtual universities. IEEE Trans. Knowl. Data Eng. 21, 840–853 (2009). https://doi.org/10.1109/TKDE.2008.132

  29. Yin, J., Tang, M., Cao, J., Wang, H.: Apply transfer learning to cybersecurity: predicting exploitability of vulnerabilities by description. Knowl. Based Syst. 210, 106529 (2020)

    Google Scholar 

  30. Yin, J., Tang, M.J., Cao, J., Wang, H., You, M., Lin, Y.: Adaptive online learning for vulnerability exploitation time prediction. In: Huang, Z., Beek, W., Wang, H., Zhou, R., Zhang, Y. (eds.) WISE 2020. LNCS, vol. 12343, pp. 252–266. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-62008-0_18

    Chapter  Google Scholar 

  31. Yin, J., Tang, M., Cao, J., Wang, H., You, M., Lin, Y.: Vulnerability exploitation time prediction: an integrated framework for dynamic imbalanced learning. Word Wide Web 1(1), 1–23 (2021). https://doi.org/10.1007/s11280-021-00909-z

  32. Zhang, F., Wang, Y., Liu, S., Wang, H.: Decision-based evasion attacks on tree ensemble classifiers. World Wide Web 23 (2020). https://doi.org/10.1007/s11280-020-00813-y

  33. Zhang, J., Li, H., Liu, X., Luo, Y., Chen, F., Wang, H.: On efficient and robust anonymization for privacy protection on massive streaming categorical information. IEEE Trans. Dependable Secure Comput. PP, 1 (2015). https://doi.org/10.1109/TDSC.2015.2483503

  34. Zhang, Y., Zheng, D., Deng, R.H.: Security and privacy in smart health: efficient policy-hiding attribute-based access control. IEEE Internet Things J. 5(3), 2130–2145 (2018)

    Article  Google Scholar 

  35. Zhong, H., Zhou, Y., Zhang, Q., Xu, Y., Cui, J.: An efficient and outsourcing-supported attribute-based access control scheme for edge-enabled smart healthcare. Future Gener. Comput. Syst. 115, 486–496 (2021)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Hua Wang .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

You, M., Yin, J., Wang, H., Cao, J., Miao, Y. (2021). A Minority Class Boosted Framework for Adaptive Access Control Decision-Making. In: Zhang, W., Zou, L., Maamar, Z., Chen, L. (eds) Web Information Systems Engineering – WISE 2021. WISE 2021. Lecture Notes in Computer Science(), vol 13080. Springer, Cham. https://doi.org/10.1007/978-3-030-90888-1_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-90888-1_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-90887-4

  • Online ISBN: 978-3-030-90888-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics