Formal approach to thwart against insider attacks: A bio-inspired auto-resilient policy regulation framework
Future Generation Computer Systems (IF 7.5), Pub Date: 2020-11-24, DOI: 10.1016/j.future.2020.11.009
Usman Rauf, Mohamed Shehab, Nafees Qamar, Sheema Sameen

The ever-growing number of cyber crimes and incidents (e.g., data breaches, privilege escalation, and masquerade attacks) indicates that traditional cyber defense mechanisms designed to manage access control and understand human behavioral intent are unable to protect large organizations against organized malicious attacks. The existing state-of-the-art solutions rely extensively on human decision making and correlation-based analysis to understand the anomalous intent of an insider. This consequently leads to data breaches, making insider threats one of the biggest challenges faced by the cybersecurity community today. To deal with these issues, new access control architectures and models must focus on the integration of threat analytics, auto-resiliency, and fast response time to mitigate an ongoing threat in a timely manner. In this article, to address these issues and limitations, we propose an integrated access control policy regulation framework designed on biological principles. The proposed framework provides the ground to efficiently integrate Threat Analytics with a Policy Regulation Mechanism against insider threats. Another major contribution of this article is to model the access control policy regulation mechanism as an auto-regulatory state transition system, which could autonomously change its state (policy configuration) in real time against an emergent insider threat. As the last step, with the help of formal methods, we rigorously verify, evaluate, and test the performance of our proposed systems on a real-life threat test dataset.




Updated: 2020-12-23