P. Borges, B. Sousa, Luis Ferreira, Firooz B. Saghezchi, G. Mantas, J. Ribeiro, Jonathan Rodriguez, Luís Cordeiro, P. Simões
{"title":"基于android的PPDR终端混合入侵检测系统研究","authors":"P. Borges, B. Sousa, Luis Ferreira, Firooz B. Saghezchi, G. Mantas, J. Ribeiro, Jonathan Rodriguez, Luís Cordeiro, P. Simões","doi":"10.23919/INM.2017.7987434","DOIUrl":null,"url":null,"abstract":"Mobile devices are used for communication and for tasks that are sensitive and subject to tampering. Indeed, attacks can be performed on the users' devices without user awareness, this represents additional risk in mission critical scenarios, such as Public Protection and Disaster Relief (PPDR). Intrusion Detection Systems are important for scenarios where information leakage is of crucial importance, since they allow to detect possible attacks to information assets (e.g., installation of malware), or can even compromise the security of PPDR personnel. HyIDS is an Hybrid IDS for Android and supporting the stringent security requirements of PPDR, by comprising agents that continuously monitor mobile device and periodically transmit the data to an analysis framework at the Command Control Center (CCC). The data collection retrieves resource usage metrics for each installed application such as CPU, memory usage, and incoming and outgoing network traffic. At the CCC, the HyIDS employs Machine Learning techniques to identify patterns that are consistent with malware signatures based on the data collected from the applications. The HyIDS's evaluation results demonstrate that the proposed solution has low impact on the mobile device in terms of battery consumption and CPU/memory usage.","PeriodicalId":119633,"journal":{"name":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","volume":"57 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":"{\"title\":\"Towards a Hybrid Intrusion Detection System for Android-based PPDR terminals\",\"authors\":\"P. Borges, B. Sousa, Luis Ferreira, Firooz B. Saghezchi, G. Mantas, J. Ribeiro, Jonathan Rodriguez, Luís Cordeiro, P. Simões\",\"doi\":\"10.23919/INM.2017.7987434\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Mobile devices are used for communication and for tasks that are sensitive and subject to tampering. Indeed, attacks can be performed on the users' devices without user awareness, this represents additional risk in mission critical scenarios, such as Public Protection and Disaster Relief (PPDR). Intrusion Detection Systems are important for scenarios where information leakage is of crucial importance, since they allow to detect possible attacks to information assets (e.g., installation of malware), or can even compromise the security of PPDR personnel. HyIDS is an Hybrid IDS for Android and supporting the stringent security requirements of PPDR, by comprising agents that continuously monitor mobile device and periodically transmit the data to an analysis framework at the Command Control Center (CCC). The data collection retrieves resource usage metrics for each installed application such as CPU, memory usage, and incoming and outgoing network traffic. At the CCC, the HyIDS employs Machine Learning techniques to identify patterns that are consistent with malware signatures based on the data collected from the applications. The HyIDS's evaluation results demonstrate that the proposed solution has low impact on the mobile device in terms of battery consumption and CPU/memory usage.\",\"PeriodicalId\":119633,\"journal\":{\"name\":\"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)\",\"volume\":\"57 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-05-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"14\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.23919/INM.2017.7987434\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/INM.2017.7987434","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Towards a Hybrid Intrusion Detection System for Android-based PPDR terminals
Mobile devices are used for communication and for tasks that are sensitive and subject to tampering. Indeed, attacks can be performed on the users' devices without user awareness, this represents additional risk in mission critical scenarios, such as Public Protection and Disaster Relief (PPDR). Intrusion Detection Systems are important for scenarios where information leakage is of crucial importance, since they allow to detect possible attacks to information assets (e.g., installation of malware), or can even compromise the security of PPDR personnel. HyIDS is an Hybrid IDS for Android and supporting the stringent security requirements of PPDR, by comprising agents that continuously monitor mobile device and periodically transmit the data to an analysis framework at the Command Control Center (CCC). The data collection retrieves resource usage metrics for each installed application such as CPU, memory usage, and incoming and outgoing network traffic. At the CCC, the HyIDS employs Machine Learning techniques to identify patterns that are consistent with malware signatures based on the data collected from the applications. The HyIDS's evaluation results demonstrate that the proposed solution has low impact on the mobile device in terms of battery consumption and CPU/memory usage.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
