Exploring ICMetrics to detect abnormal program behaviour on embedded devices

ZHAI, Xiaojun, APPIAH, Kofi, EHSAN, Shoaib, HOWELLS, Gareth, HU, Huosheng, GU, Dongbing and MCDONALD-MAIER, Klaus (2015). Exploring ICMetrics to detect abnormal program behaviour on embedded devices. Journal of Systems Architecture, 61 (10), 567 - 575.

Full text not available from this repository.
Official URL: http://www.sciencedirect.com/science/article/pii/S...
Link to published version:: https://doi.org/10.1016/j.sysarc.2015.07.007
Related URLs:

    Abstract

    Abstract Execution of unknown or malicious software on an embedded system may trigger harmful system behaviour targeted at stealing sensitive data and/or causing damage to the system. It is thus considered a potential and significant threat to the security of embedded systems. Generally, the resource constrained nature of commercial off-the-shelf (COTS) embedded devices, such as embedded medical equipment, does not allow computationally expensive protection solutions to be deployed on these devices, rendering them vulnerable. A Self-Organising Map (SOM) based and Fuzzy C-means based approaches are proposed in this paper for detecting abnormal program behaviour to boost embedded system security. The presented technique extracts features derived from processor’s Program Counter (PC) and Cycles per Instruction (CPI), and then utilises the features to identify abnormal behaviour using the SOM. Results achieved in our experiment show that the proposed SOM based and Fuzzy C-means based methods can identify unknown program behaviours not included in the training set with 90.9 and 98.7 accuracy.

    Item Type: Article
    Additional Information: Special section on Architecture of Computing Systems edited by Editors: Wolfgang Karl, Erik Maehle, Kay Römer, Eduardo Tovar, Martin Danek Special section on Testing, Prototyping, and Debugging of Multi-Core Architectures edited by Editors: Frank Hannig & Andreas Herkersdorf Special section on Embedded Vision Architectures and Applications edited by Editors: Christophe Bobda, Walter Stechele, Ali Ahmadinia and Miaoqing Huang
    Uncontrolled Keywords: Embedded system security, Abnormal behaviour detection, Intrusion detection, Self-Organising Map
    Research Institute, Centre or Group - Does NOT include content added after October 2018: Cultural Communication and Computing Research Institute > Communication and Computing Research Centre
    Identification Number: https://doi.org/10.1016/j.sysarc.2015.07.007
    Page Range: 567 - 575
    Depositing User: Kofi Appiah
    Date Deposited: 17 Jan 2018 14:10
    Last Modified: 28 Mar 2020 15:17
    URI: http://shura.shu.ac.uk/id/eprint/18384

    Actions (login required)

    View Item View Item

    Downloads

    Downloads per month over past year

    View more statistics