Search Results

Documents authored by Tverdyshev, Sergey


Document
System Calls Instrumentation for Intrusion Detection in Embedded Mixed-Criticality Systems

Authors: Marine Kadar, Sergey Tverdyshev, and Gerhard Fohler

Published in: OASIcs, Volume 73, 4th International Workshop on Security and Dependability of Critical Embedded Real-Time Systems (CERTS 2019)


Abstract
System-call-related information such as occurrences, type, parameters, and return values are well-established metrics for revealing intrusions in system software. Many Host Intrusion Detection Systems (HIDS) from research and industry analyze these data for continuous system monitoring at runtime. Despite a significant false alarm rate, this type of defense offers high detection precision for both known and zero-day attacks. Recent research focuses on HIDS deployment for desktop computers. Yet, the integration of such a run-time monitoring solution in mixed-criticality embedded systems has not been discussed. Because of the cohabitation of potentially vulnerable non-critical software with critical software, securing mixed-criticality systems is a non-trivial but essential issue. Thus, we propose a methodology to evaluate the impact of deploying system call instrumentation in such a context. We analyze the impact in a concrete use case with the PikeOS real-time hypervisor.

Cite as

Marine Kadar, Sergey Tverdyshev, and Gerhard Fohler. System Calls Instrumentation for Intrusion Detection in Embedded Mixed-Criticality Systems. In 4th International Workshop on Security and Dependability of Critical Embedded Real-Time Systems (CERTS 2019). Open Access Series in Informatics (OASIcs), Volume 73, pp. 2:1-2:13, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2019)


@InProceedings{kadar_et_al:OASIcs.CERTS.2019.2,
  author =	{Kadar, Marine and Tverdyshev, Sergey and Fohler, Gerhard},
  title =	{{System Calls Instrumentation for Intrusion Detection in Embedded Mixed-Criticality Systems}},
  booktitle =	{4th International Workshop on Security and Dependability of Critical Embedded Real-Time Systems (CERTS 2019)},
  pages =	{2:1--2:13},
  series =	{Open Access Series in Informatics (OASIcs)},
  ISBN =	{978-3-95977-119-1},
  ISSN =	{2190-6807},
  year =	{2019},
  volume =	{73},
  editor =	{Asplund, Mikael and Paulitsch, Michael},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/OASIcs.CERTS.2019.2},
  URN =		{urn:nbn:de:0030-drops-108933},
  doi =		{10.4230/OASIcs.CERTS.2019.2},
  annote =	{Keywords: Instrumentation, Mixed-criticality, Real-Time, System Calls, Host Intrusion Detection Systems}
}