Creeper: a tool for detecting permission creep in file system access controls
Author affiliation: Department of Computer Science, School of Computing and Engineering, University of Huddersfield, Queensgate, HD1 3DH, Huddersfield, UK
Publication: Cybersecurity (网络空间安全科学与技术, English edition)
Year, volume, issue: 2019, Volume 2, Issue 1
Pages: 239-252
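Subject classification: 08 [Engineering] 0812 [Engineering - Computer Science and Technology (degrees in Engineering or Science may be awarded)]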
Funding: This work was undertaken during a project funded by the UK’s Digital Catapult Researcher in Residency Fellowship programme (Grant Ref: EP/M029263/1). The funding supported the research development and empirical testing presented in this paper.
Topics: Permission creep; Access control; Auditing; χ^2 statistics
Abstract: Access control mechanisms are widely used in multi-user IT systems where it is necessary to restrict access to computing *** is certainly true of file systems whereby information needs to be protected against unintended *** permissions often evolve over time, and changes are often made in an ad hoc manner and do not follow any rigorous *** is largely due to the fact that the structure of the implemented permissions are often determined by experts during initial system configuration and documentation is rarely ***, permissions are often not audited due to the volume of information, the requirement of expert knowledge, and the time required to perform manual *** paper presents a novel, unsupervised technique whereby a statistical analysis technique is developed and applied to detect instances of permission *** system (herein referred to as Creeper) has initially been developed for Microsoft systems; however, it is easily extensible and can be applied to other access control *** analysis has demonstrated good performance and applicability on synthetic file system permissions with an average accuracy of 96%. Empirical analysis is subsequently performed on five real-world systems where an average accuracy of 98% is established.