A Method for Detecting Abnormal Program Behavior on Embedded Devices

Zhai Xiaojun; Appiah Kofi; Ehsan Shoaib; Howells Gareth; Hu Huosheng; Gu Dongbing; McDonald-Maier Klaus D.

首页> 外文期刊>Information Forensics and Security, IEEE Transactions on >A Method for Detecting Abnormal Program Behavior on Embedded Devices

【24h】

A Method for Detecting Abnormal Program Behavior on Embedded Devices

机译：一种检测嵌入式设备程序异常行为的方法

获取原文

获取原文并翻译 | 示例

获取外文期刊封面封底 >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

A potential threat to embedded systems is the execution of unknown or malicious software capable of triggering harmful system behavior, aimed at theft of sensitive data or causing damage to the system. Commercial off-the-shelf embedded devices, such as embedded medical equipment, are more vulnerable as these type of products cannot be amended conventionally or have limited resources to implement protection mechanisms. In this paper, we present a self-organizing map (SOM)-based approach to enhance embedded system security by detecting abnormal program behavior. The proposed method extracts features derived from processor’s program counter and cycles per instruction, and then utilises the features to identify abnormal behavior using the SOM. Results achieved in our experiment show that the proposed method can identify unknown program behaviors not included in the training set with over 98.4% accuracy.

机译：对嵌入式系统的潜在威胁是执行未知的或恶意的软件，这些软件能够触发有害的系统行为，旨在盗窃敏感数据或对系统造成破坏。诸如嵌入式医疗设备之类的商用现成嵌入式设备更容易受到攻击，因为这些类型的产品无法进行常规修改或用于实施保护机制的资源有限。在本文中，我们提出了一种基于自组织映射（SOM）的方法，通过检测异常程序行为来增强嵌入式系统的安全性。提出的方法提取从处理器的程序计数器和每个指令的周期派生的功能，然后利用这些功能通过SOM识别异常行为。在我们的实验中获得的结果表明，所提出的方法可以识别出不包含在训练集中的未知程序行为，其准确性超过98.4％。

著录项

来源
《Information Forensics and Security, IEEE Transactions on》 |2015年第8期|1692-1704|共13页
作者
Zhai Xiaojun; Appiah Kofi; Ehsan Shoaib; Howells Gareth; Hu Huosheng; Gu Dongbing; McDonald-Maier Klaus D.;
展开▼
作者单位

, University of Essex, Colchester, U.K.;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类
关键词
Embedded system security; Self-Organising Map; abnormal behaviour detection; intrusion detection; self-organising map;

机译：嵌入式系统安全性;自组织图;异常行为检测;入侵检测;自组织图;

相似文献

外文文献
中文文献
专利

1. Exploring ICMetrics to detect abnormal program behaviour on embedded devices [J] . Zhai Xiaojun, Appiah Kofi, Ehsan Shoaib, Journal of systems architecture . 2015,第10期

机译：探索ICMetrics以检测嵌入式设备上的异常程序行为
2. Simple and effective method for detecting abnormal internet behaviors of mobile devices [J] . Chen Patrick Shicheng, Lin Shu-Chiung, Sun Chien-Hsing Information Sciences: An International Journal . 2015,第Null期

机译：一种简单有效的检测移动设备互联网异常行为的方法
3. Ten years of breast screening in the Nova Scotia Breast Screening Program, 1991-2001. experience: use of an adaptable stereotactic device in the diagnosis of screening-detected abnormalities. [J] . Caines JS, Schaller GH, Iles SE, Canadian Association of Radiologists journal . 2005,第2期

机译：1991-2001年，新斯科舍省乳房筛查计划对乳房进行了十年筛查。经验：在筛查检测到的异常的诊断中使用自适应的立体定向设备。
4. A Novel Method to Detect Program Malfunctioning on Embedded Devices Using Run-Time Trace [C] . Garima Singhal, Sahadev Roy International communications conference . 2019

机译：使用运行时跟踪检测嵌入式设备上程序故障的新方法
5. Detecting Abnormal Social Robot Behavior through Emotion Recognition [D] . Rajapaksha Pathiranage, Subhash 2019

机译：通过情绪识别检测社交机器人异常行为
6. Knowledge-Based Verification of Concatenative Programming Patterns Inspired by Natural Language for Resource-Constrained Embedded Devices [O] . Salvatore Gaglio, Giuseppe Lo Re, Gloria Martorella, 2021

机译：基于知识的基于知识编程模式的验证受到资源受限嵌入式设备的自然语言的启发
7. A Method for Detecting Abnormal Program Behavior on Embedded Devices [O] . Xiaojun Zhai, Shoaib Ehsan, Gareth Howells, 2016

机译：一种检测嵌入式设备异常程序行为的方法
8. Generation of Controlled Analog Emissions from Embedded Devices using Software Stress Methods. [R] . Sternberg, O., Nelson, J. H., Perez, I., 2017

机译：使用软件应力方法生成嵌入式设备的受控模拟发射。

A Method for Detecting Abnormal Program Behavior on Embedded Devices

摘要

著录项

相似文献

相关主题

期刊订阅