answer set grammars for representing and learning
play

Answer Set Grammars for Representing and Learning Generative - PowerPoint PPT Presentation

Answer Set Grammars for Representing and Learning Generative Policies Mark Law * , Alessandra Russo * , Elisa Bertino , Seraphine Calo , Dinesh Verma , Irene Manotas , Geeth de Mel , Krysia Broda * , Jorge Lobo * Imperial


  1. Answer Set Grammars for Representing and Learning Generative Policies Mark Law * , Alessandra Russo * , Elisa Bertino § , Seraphine Calo † , Dinesh Verma † , Irene Manotas † , Geeth de Mel †† , Krysia Broda * , Jorge Lobo §§ * Imperial College London, § Purdue University † IBM US, †† IBM UK, §§ ICREA - Universitat Pompeo Fabra

  2. Policy Management of Intelligent Devices and Systems § Future coalition missions will be carried out by distributed intelligent devices and systems § Devices operate in dynamic context (collaboratively or in isolation), in the presence of uncertainty and insecurity § Need for autonomy in distributed coalition intelligence . § Intelligent devices/systems need to self-generate and enforce policies in dynamic and complex setting to support distributed analytics. § Generative policy technology : a solution for automatic evolution and dynamic context-aware generation of instantiated policies.

  3. Why New Generation of Policy Management? Traditional Policy Management Systems (PMS) are limited § Policies are predefined § Manually engineered § Modified by humans when failures are detected Traditional PMS: IETF/DMTF 1 3

  4. Generative Policy Model constraints Policy Management Gaps / Research Challenges policies Tool Interaction policies' graphs representation § Extension of symbolic Autonomous Device machine learning for Context automatic evolution of repository generative policies, Generative Policy amenable to formal Policies representation Local Policy analysis. Policy Adaptation Refinement Point (PAP) Policies Instantiated Learning d Policies e § Dynamic computation of t a s v e i i t c c i Policies Policy Decision A l Policy instantiated policies from o P t Point (PEP) repository s a P generative policies in a Monitoring Policy Enforcement context-aware manner. Requests Point (PEP) Monitoring Actions System Profile 4

  5. Generative Policy Model constraints Policy Management Scientific Theoretical Advancements policies Tool Interaction ASG Generative graphs Policies § Formalisation of notion of Autonomous Device generative policy (ASG), Context key for automatic evolution repository and dynamic instantiation Learned ASG Generative Policy Policies representation Local Policy § Definition of computational Policy Adaptation Refinement Point (PAP) Policies task for learning generative Instantiated ASP - ILASP Past Activated Policies policies Policies Policies Policy Decision Policy Point (PEP) repository § Algorithm for learning Monitoring generative policies Policy Enforcement Requests Point (PEP) Monitoring § Complexity results Actions System Profile 5

  6. Context Free Grammar (CFGs) § G = < G T , G N , G PR , G S > – G T Terminal symbols – G N Non-Terminal symbols – G PR Production Rules – G S Start Node (in G N ) § Each production rule is of the form: n -> n 1 ,…,n k P S -> “a” S “b” S ->

  7. Answer Set Grammars (ASGs) § G = < G T , G N , G PR , G S > – G T Terminal symbols – G N Non-Terminal symbols – G PR Annotated Production Rules – G S Start Node (in G N ) ASP program § Each production rule is of the form: n -> n 1 ,…,n k P § Can represent Context-sensitive Grammars (CSGs) such as a n b n c n , the copy language, the subset-sum language.

  8. Example in ASG Start -> “if” Conditions “then” Action {} Start -> “if” Conditions “then” Action {} Conditions -> “true” {} Conditions -> “true” {} Conditions -> Condition “and” Conditions {} Conditions -> Condition “and” Conditions {} Condition -> Expression “==” Value { Condition -> Expression “==” Value { :- expr_type(X)@1, not type(X)@3. } } Expression -> Device “.” Attribute { Expression -> Device “.” Attribute { expr_type(X) :- att_type(X)@3. } } Value -> [ constant ] Value -> [ constant ] { type(***).} { } Attribute -> “port” Attribute -> “port” { att_type(port). } { } Attribute -> “ip_address” Attribute -> “ip_address” { } { att_type(ip). } Device -> “UAV” {} | “VM” {} Action -> “allow” {} | “deny” {} Action -> “allow” {} | “deny” {} if UAV.ip_address == 45.79.75.202 && UAV.port == 20 then allow if UAV.ip_address == 20 && UAV.port == 45.79.75.202 then allow if UAV.ip_address == 20 && UAV.port == 45.79.75.202 then allow

  9. Theoretical Contributions § Formalisation of ASGs § Definition of the learning task § New algorithm for solving ASG learning tasks § Complexity results on key decision problems: – Bounded-ASG-membership – Bounded-LASG-verification – Bounded-ASG-satisfiability – Bounded-LASG-satisfiability § These contributions along with an evaluation of the approach has recently been submitted to AAAI. The submitted paper is available in CENSE.

  10. ASGs for Policy Generation: In Practice § Execution time : from a policy instance to a decision. § Generation time : from a (learned) ASG to a policy instance. § Learning time : from examples to ASGs (representing generative policy). Policy Generation Generative Policy Learning Policy Answer Set Examples of Answer Set Policy Specification Learning task Grammar ILASP contexts & Grammar Specification Policy Answer Set Answer Set decisions Instance Program Solver Contextual information

  11. Answer Set Grammar Induction § ASG learning task T = <G, S M , E + , E - > – G An existing “background knowledge” grammar – S M A hypothesis space – E + and E - positive and negative examples of strings § Task is to find the shortest extension of G using the ASP rules in S M such that all examples are covered. § We have shown that learning only the context-sensitive conditions can be more efficient than learning the full ASG. – In some cases, we may only need to learn some conditions.

  12. Example learning task E + = { UAV Whitelist: “if UAV.ip_address == 146.179.40.24 && UAV.port == 20 then allow” IP Address Port “if UAV.ip_address == 129.42.38.09 && UAV.port == 10 then deny” “if true then deny” 146.179.40.24 20 ... 129.42.38.10 10 } 29.11.18.98 20 E - = { “if true then allow” 31.7.196.5 22 “if UAV.ip_address == 129.42.38.10 && UAV.port == 10 then deny” ... } Start -> “if” Conditions “then” Action { :- allow@4, #false : whitelist(IP, PT), val(”UAV”, “ip”, IP)@2, val(”UAV”, “port”, PT)@2. :- deny@4, whitelist(IP, PT), val(”UAV”, “ip”, IP)@2, val(”UAV”, “port”, PT)@2. } Conditions -> “true” {} Conditions -> Condition “and” Conditions { val(X, Y, Z) :- val(X, Y, Z)@1. val(X, Y, Z) :- val(X, Y, Z)@3. } Condition -> Expression “==” Value { :- expr_type(X)@1, not type(X)@3. val(NAME, ATT, VAL) :- device(NAME)@1, expr_type(ATT)@1, val(VAL)@3. } ...

  13. Next Steps: Learning from Policy Decisions § Our current implementation learns from strings (i.e. policies) § This can be upgraded to learning from decisions Generative Policy learning task T = <G, S M , E + , E - > – G An existing “background knowledge” grammar – S M A hypothesis space – E + and E - positive/negative examples of contexts and decisions § E.g. in a given context, an example UAV should be denied access. § Our current implementation can be easily extended to handle decision examples.

  14. Next Steps: Policy Preference Learning § A single ASG may have many strings in its language. § Generated policies could be: – The union of all strings in the language. – A single string from the language. § In the second case, some policies may be better than others. – ASP supports preferences encoded as weak constraints. – These can be learned with ILASP. § We will learn from examples of preferred policies/decisions.

  15. Conclusion § Formalised Answer Set Grammars, and Answer Set Grammar Induction. § Shown that ASGs can represent Context-sensitive Grammars. § In the context of policy learning, we can learn context- sensitive conditions on when certain policies apply. § Next steps are to learn from decisions , and learn which policies are preferred.

  16. Set of Papers Published in P2T1 § The Generative Policy Approach for Dynamic Collaboration in Coalition Environments, SPIE DSS 2018, Orlando, FL, April 2018. § A Policy System for Control of Data Fusion Processes and Derived Data“, 21st International Conference on Information Fusion, Cambridge, UK, July 2018 (joint paper T1-T2). § Self Generating Policies for Training Data Curation in Coalition Environments, PADG Workshop, Barcelona, Spain, Sept. 2018. § AGENP: An ASGrammar-based GENerative Policy Framework, PADG Workshop, Barcelona, Spain, Sept. 2018. § The Challenge of Access Control Policies Quality, ACM Journal of Data and Information Quality (in print). Methods and Tools for Policy Analysis, accepted for publication in ACM Computing § Surveys . 16

  17. Back up slide: results. 17

Recommend


More recommend