Automatic generation of AppArmor security policies based on large language models
Operating system (OS) security has been considered as a critical layer within the comprehensive security framework of computer information systems. Mandatory access control (MAC) mechanisms such as SELinux and AppArmor have been employed to strengthen OS security. However, significant challenges hav...
Main Authors: | SHA Yitian, LIU Shaojun, QIAN Xin, WU Yue, CHEN Peng, LIU Xing |
---|---|
Format: | Article |
Language: | English |
Published: | POSTS&TELECOM PRESS Co., LTD 2024-06-01 |
Series: | 网络与信息安全学报 |
Subjects: | mandatory access control; AppArmor; security policy; static analysis |
Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2024046 |
_version_ | 1841529509105369088 |
---|---|
author | SHA Yitian; LIU Shaojun; QIAN Xin; WU Yue; CHEN Peng; LIU Xing |
collection | DOAJ |
description | Operating system (OS) security has been considered as a critical layer within the comprehensive security framework of computer information systems. Mandatory access control (MAC) mechanisms such as SELinux and AppArmor have been employed to strengthen OS security. However, significant challenges have been encountered in the application of MAC in practice, primarily involving the complexity of security policy configuration, which has demanded specialized expertise and often resulted in coarse-grained protection measures. Aimed at enhancing the process of generating security policies for AppArmor, an automated access control policy generation method was proposed based on large language models (LLM). The process began with a static analysis of the target application to extract preliminary security policy rules. Subsequently, the application was extensively executed to gather logs that achieved maximum code coverage. Large models, in conjunction with the gathered log information, static analysis outcomes, and few-shot learning, were utilized to autonomously generate security policies for applications. This approach significantly reduced the dependence on security experts, lowered manual labor costs, and diminished the subjectivity and complexity associated with manual security policy configurations. The efficacy of this methodology was demonstrated through a comparative analysis between the AppArmor security policies generated by this framework and the default policies, focusing on the policies’ correctness, completeness, and succinctness. The experimental findings reveal that the generated policies are not only comprehensive and succinct but also do not impede the normal operation of the application. These results underscore the effectiveness of the proposed method in streamlining the security policy generation process and enhancing the quality of the policies. |
format | Article |
id | doaj-art-3c1c14c0313d48f4918122e1d69518de |
institution | Kabale University |
issn | 2096-109X |
language | English |
publishDate | 2024-06-01 |
publisher | POSTS&TELECOM PRESS Co., LTD |
record_format | Article |
series | 网络与信息安全学报 |
title | Automatic generation of AppArmor security policies based on large language models |
topic | mandatory access control; AppArmor; security policy; static analysis |
url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2024046 |