{"id":"https://openalex.org/W4402811979","doi":"https://doi.org/10.1109/csr61664.2024.10679435","title":"Detecting Covert Channels in Cloud Access Control Policies Using Large Language Models","display_name":"Detecting Covert Channels in Cloud Access Control Policies Using Large Language Models","publication_year":2024,"publication_date":"2024-09-02","ids":{"openalex":"https://openalex.org/W4402811979","doi":"https://doi.org/10.1109/csr61664.2024.10679435"},"language":"en","primary_location":{"id":"doi:10.1109/csr61664.2024.10679435","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/csr61664.2024.10679435","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5068963602","display_name":"Hrishikesh Karmarkar","orcid":null},"institutions":[{"id":"https://openalex.org/I55215948","display_name":"Tata Consultancy Services (India)","ror":"https://ror.org/01b9n8m42","country_code":"IN","type":"company","lineage":["https://openalex.org/I4210086519","https://openalex.org/I55215948"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Hrishikesh Karmarkar","raw_affiliation_strings":["TCS Research,Mumbai,India"],"affiliations":[{"raw_affiliation_string":"TCS Research,Mumbai,India","institution_ids":["https://openalex.org/I55215948"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5113771429","display_name":"Vaibhavi Joshi","orcid":null},"institutions":[{"id":"https://openalex.org/I55215948","display_name":"Tata Consultancy Services (India)","ror":"https://ror.org/01b9n8m42","country_code":"IN","type":"company","lineage":["https://openalex.org/I4210086519","https://openalex.org/I55215948"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Vaibhavi Joshi","raw_affiliation_strings":["TCS Research,Pune,India"],"affiliations":[{"raw_affiliation_string":"TCS Research,Pune,India","institution_ids":["https://openalex.org/I55215948"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5010942252","display_name":"R. Venkatesh","orcid":"https://orcid.org/0000-0002-0174-9908"},"institutions":[{"id":"https://openalex.org/I55215948","display_name":"Tata Consultancy Services (India)","ror":"https://ror.org/01b9n8m42","country_code":"IN","type":"company","lineage":["https://openalex.org/I4210086519","https://openalex.org/I55215948"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"R. Venkatesh","raw_affiliation_strings":["TCS Research,Pune,India"],"affiliations":[{"raw_affiliation_string":"TCS Research,Pune,India","institution_ids":["https://openalex.org/I55215948"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5068963602"],"corresponding_institution_ids":["https://openalex.org/I55215948"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.14244437,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"241","last_page":"246"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9835000038146973,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12357","display_name":"Digital Media Forensic Detection","score":0.9703999757766724,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7426718473434448},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.6729965209960938},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.5967223644256592},{"id":"https://openalex.org/keywords/covert","display_name":"Covert","score":0.5429589152336121},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5407403111457825},{"id":"https://openalex.org/keywords/covert-channel","display_name":"Covert channel","score":0.52512127161026},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3591283857822418},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.22625091671943665},{"id":"https://openalex.org/keywords/linguistics","display_name":"Linguistics","score":0.11138439178466797},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.09173020720481873}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7426718473434448},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.6729965209960938},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.5967223644256592},{"id":"https://openalex.org/C2779338814","wikidata":"https://www.wikidata.org/wiki/Q5179285","display_name":"Covert","level":2,"score":0.5429589152336121},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5407403111457825},{"id":"https://openalex.org/C29024540","wikidata":"https://www.wikidata.org/wiki/Q1476964","display_name":"Covert channel","level":5,"score":0.52512127161026},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3591283857822418},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.22625091671943665},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.11138439178466797},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.09173020720481873},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/csr61664.2024.10679435","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/csr61664.2024.10679435","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":8,"referenced_works":["https://openalex.org/W1966364460","https://openalex.org/W1966837108","https://openalex.org/W1988818093","https://openalex.org/W1993704367","https://openalex.org/W2122754052","https://openalex.org/W2133487235","https://openalex.org/W2908957302","https://openalex.org/W4211218509"],"related_works":["https://openalex.org/W2409612194","https://openalex.org/W4224042389","https://openalex.org/W174282171","https://openalex.org/W20460883","https://openalex.org/W1587013156","https://openalex.org/W1420645157","https://openalex.org/W4239080508","https://openalex.org/W2326198059","https://openalex.org/W4319780484","https://openalex.org/W4386088729"],"abstract_inverted_index":{"In":[0,89],"the":[1,6,42,49,107,152],"realm":[2],"of":[3,8,17,20,41,48,64,99,109,154],"cloud":[4,21,43,87,143],"computing,":[5],"task":[7,29],"configuring":[9],"access":[10,85,100,114],"control":[11,101,115],"policies":[12,144],"is":[13],"a":[14,27,31,38,96,119,124],"critical":[15],"aspect":[16],"ensuring":[18],"security":[19,46],"resources.":[22,88],"However,":[23],"policy":[24,59,68,132],"configuration":[25,60,133],"remains":[26],"complex":[28],"with":[30],"high":[32],"cognitive":[33],"load":[34],"as":[35],"it":[36,140],"requires":[37],"simultaneous":[39],"understanding":[40],"environment":[44],"and":[45,57,72,94,138],"requirements":[47],"organization.":[50],"This":[51],"often":[52],"creates":[53],"gaps":[54],"between":[55],"intended":[56],"actual":[58,142],"leading":[61],"to":[62,82,86,106,128,145,151],"misconfigurations":[63],"policies.":[65,116],"A":[66],"misconfigured":[67],"can":[69,76],"introduce":[70],"subtle":[71],"unexpected":[73],"vulnerabilities":[74,102,148],"that":[75,103,122],"be":[77],"exploited":[78],"by":[79],"malicious":[80],"entities":[81],"gain":[83],"unauthorized":[84],"this":[90],"paper,":[91],"we":[92],"model":[93],"analyze":[95],"particular":[97],"class":[98],"arise":[104],"due":[105,150],"creation":[108],"covert":[110,155],"channels":[111],"in":[112,135],"role-based":[113],"We":[117],"present":[118],"tool":[120],"CovertHunter":[121],"uses":[123],"Large":[125],"Language":[126],"Model":[127],"recognize":[129],"intent":[130],"behind":[131],"described":[134],"natural":[136],"language":[137],"check":[139],"against":[141],"automatically":[146],"detect":[147],"arising":[149],"presence":[153],"channels.":[156]},"counts_by_year":[],"updated_date":"2025-12-27T23:08:20.325037","created_date":"2025-10-10T00:00:00"}