We're working on a way to tackle the complexity of SELinux policies by using graph-based machine learning to automate policy analysis and anomaly detection. SELinux enforces security through strict access controls, but the intricacy of its policies makes it hard to manage and troubleshoot effectively. Our approach represents policies as graphs and uses node embeddings (such as Node2Vec) to train models that identify policy violations more efficiently.
SELinux has become widely adopted for security on Linux systems, but misconfigured policies can lead to unauthorized actions and security issues. Our method aims to make it easier for admins to detect and adjust misconfigurations, potentially reducing vulnerability risks. Early results are promising, and we’re excited about the potential to make SELinux management more intuitive.
IEEE ICIR (2024)
- KJ
Talking with other distro maintainers at companies like AWS, I realized this complexity is a common problem across the ecosystem. That inspired me to dive into a machine learning approach to tackle it - excited to see where this project leads!
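As an added illustration of the graph representation described above (not the project's own code): this sketch parses simple `allow` rules into a type graph and generates uniform random walks, the p = q = 1 case of Node2Vec's walk sampling, which a skip-gram model would then turn into embeddings. The sample rules and all function names are constructed for this example, and only single-type rules without attribute sets are handled.

```python
import random
import re
from collections import defaultdict

# Constructed sample rules (not from a real policy), in SELinux allow-rule syntax.
SAMPLE_POLICY = """
allow httpd_t httpd_log_t:file { append create getattr };
allow httpd_t httpd_config_t:file { read getattr open };
allow httpd_t http_port_t:tcp_socket name_bind;
allow logrotate_t httpd_log_t:file { read write rename unlink };
type httpd_t;
allow sshd_t shadow_t:file read;
"""

ALLOW_RE = re.compile(r"^\s*allow\s+(\S+)\s+(\S+):(\S+)\s+(?:\{([^}]*)\}|(\S+))\s*;")

def parse_allow_rules(text):
    """Return {(source, target): {(class, perm), ...}}; other statements are skipped."""
    edges = defaultdict(set)
    for line in text.splitlines():
        if m := ALLOW_RE.match(line):
            src, tgt, cls, perm_set, single = m.groups()
            tgt = src if tgt == "self" else tgt  # "self" refers to the source type
            for perm in (perm_set.split() if perm_set is not None else [single]):
                edges[(src, tgt)].add((cls, perm))
    return dict(edges)

def build_adjacency(edges):
    """Undirected type graph: two types are neighbours if an allow rule links them."""
    adj = defaultdict(set)
    for src, tgt in edges:
        adj[src].add(tgt)
        adj[tgt].add(src)
    return {node: sorted(neigh) for node, neigh in adj.items()}

def random_walks(adj, walk_length=5, walks_per_node=3, seed=0):
    """Uniform random walks (Node2Vec with p = q = 1); each walk is one 'sentence'."""
    rng = random.Random(seed)
    walks = []
    for start in sorted(adj) * walks_per_node:
        walk = [start]
        while len(walk) < walk_length:
            walk.append(rng.choice(adj[walk[-1]]))
        walks.append(walk)
    return walks

if __name__ == "__main__":
    for walk in random_walks(build_adjacency(parse_allow_rules(SAMPLE_POLICY))):
        print(" ".join(walk))
```

The permission sets kept on each edge are not used by the walks here; they are retained so that edge labels can be used as features or weights in a later step.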