Creative Commons Attribution 3.0 Unported license (CC-BY 3.0)when quoting this document, please refer to the following
DOI: 10.4230/OASIcs.CERTS.2019.2
URN: urn:nbn:de:0030-drops-108933
URL: https://drops.dagstuhl.de/opus/volltexte/2019/10893/
Kadar, Marine ; Tverdyshev, Sergey ; Fohler, Gerhard
System Calls Instrumentation for Intrusion Detection in Embedded Mixed-Criticality Systems
| pdf-format: |
|
Abstract
System call relative information such as occurrences, type, parameters, and return values are well established metrics to reveal intrusions in a system software. Many Host Intrusion Detection Systems (HIDS) from research and industry analyze these data for continuous system monitoring at runtime. Despite a significant false alarm rate, this type of defense offers high detection precision for both known and zero-day attacks. Recent research focuses on HIDS deployment for desktop computers. Yet, the integration of such run-time monitoring solution in mixed-criticality embedded systems has not been discussed. Because of the cohabitation of potentially vulnerable non-critical software with critical software, securing mixed-criticality systems is a non trivial but essential issue. Thus, we propose a methodology to evaluate the impact of deploying system call instrumentation in such context. We analyze the impact in a concrete use-case with PikeOS real-time hypervisor.
BibTeX - Entry
@InProceedings{kadar_et_al:OASIcs:2019:10893,
author = {Marine Kadar and Sergey Tverdyshev and Gerhard Fohler},
title = {{System Calls Instrumentation for Intrusion Detection in Embedded Mixed-Criticality Systems}},
booktitle = {4th International Workshop on Security and Dependability of Critical Embedded Real-Time Systems (CERTS 2019)},
pages = {2:1--2:13},
series = {OpenAccess Series in Informatics (OASIcs)},
ISBN = {978-3-95977-119-1},
ISSN = {2190-6807},
year = {2019},
volume = {73},
editor = {Mikael Asplund and Michael Paulitsch},
publisher = {Schloss Dagstuhl--Leibniz-Zentrum fuer Informatik},
address = {Dagstuhl, Germany},
URL = {http://drops.dagstuhl.de/opus/volltexte/2019/10893},
URN = {urn:nbn:de:0030-drops-108933},
doi = {10.4230/OASIcs.CERTS.2019.2},
annote = {Keywords: Instrumentation, Mixed-criticality, Real-Time, System Calls, Host Intrusion Detection Systems}
}
| Keywords: | Instrumentation, Mixed-criticality, Real-Time, System Calls, Host Intrusion Detection Systems | |
| Seminar: | 4th International Workshop on Security and Dependability of Critical Embedded Real-Time Systems (CERTS 2019) | |
| Issue date: | 2019 | |
| Date of publication: | 29.07.2019 |
