Christopher Zimmer, B. Bhat, F. Mueller, Sibin Mohan
{"title":"网络物理系统中基于时间的入侵检测","authors":"Christopher Zimmer, B. Bhat, F. Mueller, Sibin Mohan","doi":"10.1145/1795194.1795210","DOIUrl":null,"url":null,"abstract":"Embedded systems, particularly real-time systems with temporal constraints, are increasingly deployed in every day life. Such systems that interact with the physical world are also referred to as cyber-physical systems (CPS). These systems commonly find use in critical infrastructure from transportation to health care. While security in CPS-based real-time embedded systems has been an afterthought, it is becoming a critical issue as these systems are increasingly networked and inter-dependent. The advancement in their functionality has resulted in more conspicuous interfaces that may be exploited to attack them.\n In this paper, we present three mechanisms for time-based intrusion detection. More specifically, we detect the execution of unauthorized instructions in real-time CPS environments. Such intrusion detection utilizes information obtained by static timing analysis. For real-time CPS systems, timing bounds on code sections are readily available as they are already determined prior to the schedulability analysis. We demonstrate how to provide micro-timings for multiple granularity levels of application code. Through bounds checking of these micro-timings, we develop techniques to detect intrusions (1) in a self-checking manner by the application and (2) through the operating system scheduler, which are novel contributions to the real-time/embedded systems domain to the best of our knowledge.","PeriodicalId":6619,"journal":{"name":"2016 ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS)","volume":"14 1","pages":"109-118"},"PeriodicalIF":0.0000,"publicationDate":"2010-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"117","resultStr":"{\"title\":\"Time-based intrusion detection in cyber-physical systems\",\"authors\":\"Christopher Zimmer, B. Bhat, F. Mueller, Sibin Mohan\",\"doi\":\"10.1145/1795194.1795210\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Embedded systems, particularly real-time systems with temporal constraints, are increasingly deployed in every day life. Such systems that interact with the physical world are also referred to as cyber-physical systems (CPS). These systems commonly find use in critical infrastructure from transportation to health care. While security in CPS-based real-time embedded systems has been an afterthought, it is becoming a critical issue as these systems are increasingly networked and inter-dependent. The advancement in their functionality has resulted in more conspicuous interfaces that may be exploited to attack them.\\n In this paper, we present three mechanisms for time-based intrusion detection. More specifically, we detect the execution of unauthorized instructions in real-time CPS environments. Such intrusion detection utilizes information obtained by static timing analysis. For real-time CPS systems, timing bounds on code sections are readily available as they are already determined prior to the schedulability analysis. We demonstrate how to provide micro-timings for multiple granularity levels of application code. Through bounds checking of these micro-timings, we develop techniques to detect intrusions (1) in a self-checking manner by the application and (2) through the operating system scheduler, which are novel contributions to the real-time/embedded systems domain to the best of our knowledge.\",\"PeriodicalId\":6619,\"journal\":{\"name\":\"2016 ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS)\",\"volume\":\"14 1\",\"pages\":\"109-118\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-04-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"117\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1795194.1795210\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1795194.1795210","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Time-based intrusion detection in cyber-physical systems
Embedded systems, particularly real-time systems with temporal constraints, are increasingly deployed in every day life. Such systems that interact with the physical world are also referred to as cyber-physical systems (CPS). These systems commonly find use in critical infrastructure from transportation to health care. While security in CPS-based real-time embedded systems has been an afterthought, it is becoming a critical issue as these systems are increasingly networked and inter-dependent. The advancement in their functionality has resulted in more conspicuous interfaces that may be exploited to attack them.
In this paper, we present three mechanisms for time-based intrusion detection. More specifically, we detect the execution of unauthorized instructions in real-time CPS environments. Such intrusion detection utilizes information obtained by static timing analysis. For real-time CPS systems, timing bounds on code sections are readily available as they are already determined prior to the schedulability analysis. We demonstrate how to provide micro-timings for multiple granularity levels of application code. Through bounds checking of these micro-timings, we develop techniques to detect intrusions (1) in a self-checking manner by the application and (2) through the operating system scheduler, which are novel contributions to the real-time/embedded systems domain to the best of our knowledge.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
