Hierarchical framework for runtime intrusion detection in embedded systems

Existing intrusion detection systems typically rely on one or a few features to detect anomalies or intrusion in a system. Their ability to successfully detect intrusion largely hinges on these limited features, which often do not provide for a comprehensive and runtime detection, especially necessi...

全面介紹

Saved in:
書目詳細資料
Main Authors: Muhamed Fauzi Bin Abbas, Prakash, Alok, Srikanthan, Thambipillai
其他作者: School of Computer Science and Engineering
格式: Conference or Workshop Item
語言:English
出版: 2021
主題:
在線閱讀:https://hdl.handle.net/10356/147718
標簽: 添加標簽
沒有標簽, 成為第一個標記此記錄!
機構: Nanyang Technological University
語言: English
實物特徵
總結:Existing intrusion detection systems typically rely on one or a few features to detect anomalies or intrusion in a system. Their ability to successfully detect intrusion largely hinges on these limited features, which often do not provide for a comprehensive and runtime detection, especially necessitated in multitude of embedded devices used in critical systems. To overcome this limitation of existing intrusion detection systems, this paper proposes a lightweight runtime hierarchical multimodal intrusion detection framework that can be realized on resource-constrained embedded systems. This work relies on various features such as power trace, System Call (SYSCALL) trace and Hardware Performance Counter (HPC) by leveraging the strengths of the individual features and combining them intelligently to overcome their individual limitations. Using a number of case studies, the proposed framework has been shown to reliably detect intrusion of different types at runtime, while still being sufficiently lightweight to be deployed in resource- constrained embedded systems.