Using Conditional Random Fields to Optimize a Self-Adaptive Bell-LaPadula Model in Control Systems

Once defined, the access control policies and regulations would never be changed in a running and state transition process. However, it will give attackers the possibility of discovering vulnerabilities in the system, and the control systems lack the ability of dynamic perception of security state and risk, causing the systems to be exposed to risks. In this article, a dynamic Bell-LaPadula (BLP) model is proposed. The conditional random field (CRF) is introduced into the BLP model to optimize the rules. First, the model formalizes the security attributes, states of system, transition rules, and constraint models on the basis of the state transition of CRFs. After the historical system access logs are processed as the original dataset, a feature selection method is proposed to extract the requests and current states as feature vectors. Second, this article presents a rules training algorithm based on L-BFGS to implement the study and training of datasets, and then marks the logs in the test set through Viterbi algorithm automatically. On the base of these, a rule generation algorithm is proposed to dynamically adjust the access control rules based on the current security status and events of the system. Third, the security of CRFs-BLP is proved by theoretical analysis. Finally, the validity and accuracy of the model are verified by estimating the value of the precision, recall, and F1-score. As the system threats are shown to be decreased obviously from these experiments, this dynamic model can decrease the vulnerabilities and risk effectively.

Automated summary

This article proposes a dynamic Bell-LaPadula (BLP) model by introducing conditional random field (CRF) to optimize rules, formalizes security attributes, system states, and constraint models based on the state transition of CRFs, and presents a method to dynamically adjust access control rules. The security of CRFs-BLP is proved by theoretical analysis, and the validity and accuracy of the model are verified by evaluating precision, recall, and F1-score. Experiments show that the dynamic model effectively decreases system vulnerabilities and risks.