Hierarchical framework for runtime intrusion detection in embedded systems
Existing intrusion detection systems typically rely on one or a few features to detect anomalies or intrusion in a system. Their ability to successfully detect intrusion largely hinges on these limited features, which often do not provide for a comprehensive and runtime detection, especially necessi...
Saved in:
| Main Authors: | , , |
|---|---|
| 其他作者: | |
| 格式: | Conference or Workshop Item |
| 語言: | English |
| 出版: |
2021
|
| 主題: | |
| 在線閱讀: | https://hdl.handle.net/10356/147718 |
| 標簽: |
添加標簽
沒有標簽, 成為第一個標記此記錄!
|
| 機構: | Nanyang Technological University |
| 語言: | English |
| 總結: | Existing intrusion detection systems typically rely on one or a few features to detect anomalies or intrusion in a system. Their ability to successfully detect intrusion largely hinges on these limited features, which often do not provide for a comprehensive and runtime detection, especially necessitated in multitude of embedded devices used in critical systems. To overcome this limitation of existing intrusion detection systems, this paper proposes a lightweight runtime hierarchical multimodal intrusion detection framework that can be realized on resource-constrained embedded systems. This work relies on various features such as power trace, System Call (SYSCALL) trace and Hardware Performance Counter (HPC) by leveraging the strengths of the individual features and combining them intelligently to overcome their individual limitations. Using a number of case studies, the proposed framework has been shown to reliably detect intrusion of different types at runtime, while still being sufficiently lightweight to be deployed in resource- constrained embedded systems. |
|---|