Learning execution contexts from system call distribution for anomaly detection in smart embedded system

MK Yoon, S Mohan, J Choi, M Christodorescu… - Proceedings of the …, 2017 - dl.acm.org
Proceedings of the Second International Conference on Internet-of-Things …, 2017 - dl.acm.org
Existing techniques used for anomaly detection do not fully utilize the intrinsic properties of embedded devices. In this paper, we propose a lightweight method for detecting anomalous executions using a distribution of system call frequencies. We use a cluster analysis to learn the legitimate execution contexts of embedded applications and then monitor them at run-time to capture abnormal executions. Our prototype applied to a real-world open-source embedded application shows that the proposed method can effectively detect anomalous executions without relying on sophisticated analyses or affecting the critical execution paths.