Checking Network Security Policy Violations via Natural Language Questions

Pinyi Shi, Yongwook Song, Zongming Fei, James Griffioen

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution > peer-review

Abstract

Network security policies provide high-level directives regarding acceptable and unacceptable use of the network. Organizations specify these high-level directives in policy documents written using human-readable natural language. The challenge is to convert these natural language policies to the network configurations/specifications needed to enforce the policy. Network administrators, who are responsible for enforcing the policies, typically translate the policies manually, which is a challenging and error-prone process. As a result, network operators (as well as the policy authors) often want to verify that network policies are being correctly enforced. In this paper, we propose Network Policy Conversation Engine (NPCE), a system designed to help network operators (or policy writers) interact with the network using natural language (similar to the language used in the network policy statements themselves) to understand whether policies are being correctly enforced. The system leverages emerging big data collection and analysis techniques to record flow and packet level activity throughout the network that can be used to answer users' policy questions. The system also takes advantage of recent advances in Natural Language Processing (NLP) to translate natural language policy questions into the corresponding network queries. To evaluate our system, we demonstrate a wide range of policy questions - inspired by actual network policies posted on university websites - that can be asked of the system to determine if a policy violation has occurred.

Original language: English
Title of host publication: 30th International Conference on Computer Communications and Networks, ICCCN 2021
ISBN (Electronic): 9780738113302
State: Published - Jul 2021
Event: 30th International Conference on Computer Communications and Networks, ICCCN 2021 - Virtual, Athens, Greece
Duration: Jul 19 2021 - Jul 22 2021

Publication series

Name: Proceedings - International Conference on Computer Communications and Networks, ICCCN
Volume: 2021-July
ISSN (Print): 1095-2055

Conference

Conference: 30th International Conference on Computer Communications and Networks, ICCCN 2021
Country/Territory: Greece
City: Virtual, Athens
Period: 7/19/21 - 7/22/21

Bibliographical note

Funding Information:
This work was supported in part by the National Science Foundation under Grant ACI-1642134.

Publisher Copyright:
© 2021 IEEE.

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Software
