Structured Representation Learning from Network Behavior for Attribute-Based Access Control
摘要
Attribute-based access control provides expressive policies but is difficult to scale in dynamic systems that lack curated access control logs and manually designed attribute schemas. Existing methods either mine symbolic rules from structured logs, which are brittle under behavioral variation, or train black box classifiers that do not expose policy structure. This paper presents DACL, a framework that performs structured representation learning from network behavior augmented with security labels and identifier to entity bindings obtained from intrusion detection and asset inventories. DACL constructs a hybrid latent space with factorized variational modeling and vector quantization, separates behavioral factors that correlate with access decisions, and aligns selected dimensions with semantic attributes through lightweight supervision. Axis aligned predicates in this space are compiled into structured access policies in a format compatible with XACML policy engines. On CIC-IDS2017, CSE-CIC-IDS2018, and UNSW-NB15, DACL achieves F1 scores up to 0.946 and reduces the weighted structural complexity of the learned policies by 27% to 42% relative to symbolic and neural baselines. The resulting policies remain interpretable, can be linked to subject and resource attributes through external inventories, and can be enforced by standard XACML deployments without relying on pre existing attribute-based access control logs.