University of Twente Student Theses


An Explainable Machine Learning Approach to Risk-Adaptive Access Control

Houtsma, R. (2022) An Explainable Machine Learning Approach to Risk-Adaptive Access Control.

Abstract: Existing Access Control Systems are rigid and complex in large-scale organizations. Risk-Adaptive Access Control (RAdAC) provides a dynamic solution. This research proposes an artificial neural network as a self-learning decision engine for RAdAC through a proof-of-concept with synthetic data. Synthetic data of access requests is generated and then labeled with policy-based permit/deny actions and risk scores modeled using attack trees. Three neural networks are trained on the data: a binary classifier to predict actions, and a multi-class classifier and a regression model to predict risk scores. Two datasets of 30000 access requests, a training set and a test set, were generated with an 'action' class imbalance of 72/28%. The binary classifier achieves a Matthews correlation coefficient of 0.90; the multi-label classifier achieves a categorical accuracy of 0.90; while the regression model achieves a root mean squared error of 0.10. The proof-of-concept shows promise, though the model performances are hard to compare since they were achieved on synthetic data. Neural networks appear capable of tackling the risk-adaptive access control problem; demonstration on real-world data is the next step. A probabilistic attack tree shows potential as a risk quantification method, though it remains to be demonstrated in a real-world setting.
Item Type: Essay (Master)
Faculty: EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject: 54 computer science
Programme: Computer Science MSc (60300)