Muhamed Fauzi Bin Abbas, Alok Prakash, T. Srikanthan
2019 TRON Symposium (TRONSHOW), published 2019-12-01. DOI: 10.23919/TRONSHOW48796.2019.9166145 (https://doi.org/10.23919/TRONSHOW48796.2019.9166145)
Hierarchical Framework for Runtime Intrusion Detection in Embedded Systems
Existing intrusion detection systems typically rely on one or a few features to detect anomalies or intrusion in a system. Their ability to successfully detect intrusion largely hinges on these limited features, which often do not provide comprehensive runtime detection, as is especially needed in the multitude of embedded devices used in critical systems. To overcome this limitation of existing intrusion detection systems, this paper proposes a lightweight runtime hierarchical multimodal intrusion detection framework that can be realized on resource-constrained embedded systems. This work relies on various features such as power traces, System Call (SYSCALL) traces and Hardware Performance Counters (HPC), leveraging the strengths of the individual features and combining them intelligently to overcome their individual limitations. Using a number of case studies, the proposed framework has been shown to reliably detect intrusion of different types at runtime, while still being sufficiently lightweight to be deployed in resource-constrained embedded systems.