A Dynamic RBAC Framework For Real-Time Detection And Prevention Of Unauthorized Access In Text-Based Generative AI Systems

Dida, Jarso Dulacha (2025) A Dynamic RBAC Framework For Real-Time Detection And Prevention Of Unauthorized Access In Text-Based Generative AI Systems. Masters thesis, Institut Teknologi Sepuluh Nopember.

[thumbnail of 6026241025-Master_Thesis.pdf] Text
6026241025-Master_Thesis.pdf - Accepted Version
Restricted to Repository staff only
Download (11MB) | Request a copy

Abstract

istem AI Generatif berbasis teks memainkan peran penting dalam sektor-sektor seperti perawatan kesehatan, keuangan, dan keamanan siber dengan memungkinkan otomatisasi cerdas, meningkatkan pengambilan keputusan, dan meningkatkan layanan seperti diagnostik berbantuan AI, deteksi penipuan, dan analisis data yang aman. Namun, sistem ini menghadapi tantangan keamanan yang serius, khususnya akses tidak sah, yang mengancam data sensitif dan integritas sistem. Model Kontrol Akses Berbasis Peran (RBAC) tradisional, pendekatan keamanan yang membatasi akses pengguna berdasarkan peran yang telah ditentukan sebelumnya dan izin terkait, tidak cukup karena sifat statisnya tidak dapat mengimbangi perubahan perilaku pengguna atau ancaman kontekstual, sehingga sistem terbuka terhadap penggunaan yang tidak sah. Untuk mengatasi hal ini, penelitian saya mengusulkan kerangka kerja RBAC dinamis yang berfokus pada pencegahan akses tidak sah melalui deteksi anomali waktu nyata yang didukung oleh metode pembelajaran mesin: Hutan Isolasi untuk menemukan perilaku pengguna yang tidak biasa dan model LLaMA yang disempurnakan untuk memahami maksud pengguna dan isyarat kontekstual. Dengan terus memantau aktivitas pengguna dan mendeteksi pola akses abnormal, sistem menyesuaikan izin secara dinamis berdasarkan sinyal perilaku dan kontekstual, memastikan akses dikontrol tidak hanya oleh peran yang telah ditentukan sebelumnya tetapi juga oleh indikator kepercayaan waktu nyata. Studi ini mengembangkan prototipe untuk mendemonstrasikan kelayakan dan efektivitas kerangka kerja RBAC dinamis yang mengintegrasikan deteksi anomali dan analisis maksud. Kerangka kerja ini secara signifikan meningkatkan deteksi dan pencegahan akses tidak sah, mengurangi positif palsu, dan memperkuat keamanan sistem secara keseluruhan di lingkungan sensitif tempat sistem AI Generatif diterapkan
===================================================================================================================================
Text-based Generative AI systems play an essential role in sectors like healthcare, finance, and cybersecurity by enabling intelligent automation, improving decision-making, and enhancing services such as AI-assisted diagnostics, fraud detection, and secure data analysis. However, these systems face serious security challenges, particularly unauthorized access, which threatens sensitive data and system integrity. Traditional Role-Based Access Control (RBAC) models, a security approach that restricts user access based on predefined roles and associated permissions, are not enough because their static nature cannot keep up with changing user behaviors or contextual threats, leaving systems open to unauthorized use. To fix this, my research proposes a dynamic RBAC framework that focuses on preventing unauthorized access through real-time anomaly detection powered by machine learning methods: Isolation Forest to spot unusual user behavior and a fine-tuned LLaMA model to understand user intent and contextual cues. By continuously monitoring user activity and detecting abnormal access patterns, the system adjusts permissions dynamically based on behavioral and contextual signals, ensuring access is controlled not only by predefined roles but also by real-time trust indicators. This study develops a prototype to demonstrate the feasibility and effectiveness of a dynamic RBAC framework that integrates anomaly detection and intent analysis. This framework significantly improves the detection and prevention of unauthorized access, reduces false positives, and strengthens overall system security in sensitive environments where Generative AI systems are deployed

Item Type: Thesis (Masters)
Uncontrolled Keywords: Keamanan AI Generatif, Kontrol Akses Berbasis Peran Dinamis (RBAC), Kontrol Akses Berbasis Perilaku, Kontrol Akses Waktu Nyata, Kontrol Akses Berbasis Konteks, Kontrol Akses Berlapis; Generative AI Security, Dynamic Role-Based Access Control (RBAC), Behavior-Based Access Control, Real-Time Access Control, Context-Aware Access Control, Multi-Layered Access Control
Subjects: Q Science > QA Mathematics > QA336 Artificial Intelligence
Q Science > QA Mathematics > QA76.9.A25 Computer security. Digital forensic. Data encryption (Computer science)
Divisions: Faculty of Intelligent Electrical and Informatics Technology (ELECTICS) > Information System > 59101-(S2) Master Thesis
Depositing User: EKO BUDI RAHARJO
Date Deposited: 03 Dec 2025 07:25
Last Modified: 03 Dec 2025 07:25
URI: http://repository.its.ac.id/id/eprint/128857

Actions (login required)

View Item View Item