Scenario-Agnostic Zero-Trust Defense with Explainable Threshold Policy: A Meta-Learning Approach

Yunfei Ge, Tao Li, Quanyan Zhu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The increasing connectivity and intricate remote access environment have made traditional perimeter-based network defense vulnerable. Zero trust becomes a promising approach to provide defense policies based on agent-centric trust evaluation. However, the limited observations of the agent's trace bring information asymmetry in the decision-making. To facilitate the human understanding of the policy and the technology adoption, one needs to create a zero-trust defense that is explainable to humans and adaptable to different attack scenarios. To this end, we propose a scenario-agnostic zero-trust defense based on Partially Observable Markov Decision Processes (POMDP) and first-order Meta-Learning using only a handful of sample scenarios. The framework leads to an explainable and generalizable trust-threshold defense policy. To address the distribution shift between empirical security datasets and reality, we extend the model to a robust zero-trust defense minimizing the worst-case loss. We use case studies and real-world attacks to corroborate the results.

Original language: English (US)
Title of host publication: IEEE INFOCOM 2023 - Conference on Computer Communications Workshops, INFOCOM WKSHPS 2023
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9781665494274
DOIs
State: Published - 2023
Event: 2023 IEEE INFOCOM Conference on Computer Communications Workshops, INFOCOM WKSHPS 2023 - Hoboken, United States
Duration: May 20 2023 → …

Publication series

Name: IEEE INFOCOM 2023 - Conference on Computer Communications Workshops, INFOCOM WKSHPS 2023

Conference

Conference: 2023 IEEE INFOCOM Conference on Computer Communications Workshops, INFOCOM WKSHPS 2023
Country/Territory: United States
City: Hoboken
Period: 5/20/23 → …

Keywords

  • Zero-trust security
  • meta learning
  • scenario-agnostic
  • threshold policy

ASJC Scopus subject areas

  • Artificial Intelligence
  • Computer Networks and Communications
  • Hardware and Architecture
  • Signal Processing
  • Safety, Risk, Reliability and Quality
