[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
10.1145/3054977.3057312acmconferencesArticle/Chapter ViewAbstractPublication PagesiotdiConference Proceedingsconference-collections
short-paper

Detecting Abnormalities in IoT Program Executions through Control-Flow-Based Features: Poster Abstract

Published: 18 April 2017 Publication History

Abstract

The Internet of Things (IoT) has penetrated various domains, from smart grids to precision agriculture, facilitating remote sensing and control. However, IoT devices are target to a spectrum of reliability and security issues. Therefore, capturing the normal behavior of these devices and detecting abnormalities in program execution is key for reliable deployment. However, existing program anomaly detection techniques that use either flow-sensitive or context-sensitive information only capture system call context and therefore have limited detection scope and accuracy. Control-flow information generated on these devices can capture the paths taken during program execution. In this poster abstract, we propose using context-sensitive features based on control-flow and discuss their effectiveness in detecting anomalous behavior.

References

[1]
T. Ball and J. R. Larus. 1996. Efficient Path Profiling. In MICRO'29. 46--57.
[2]
H.H. Feng, O. M. Kolesnikov, P. Fogla, W. Lee, and W. Gong. 2003. Anomaly Detection Using Call Stack Information. In IEEE S&P.
[3]
S. Forrest, S. A. Hofmeyr, A. Somayaji, and T. A. Longstaff. 1996. A Sense Of Self For Unix Processes. In IEEE S&P.
[4]
D. Gao, M. K. Reiter, and D. Song. 2009. Beyond Output Voting: Detecting Compromised Replicas Using HMM-Based Behavioral Distance. IEEE TDSC (2009).
[5]
J. T. Giffin, S. Jha, and B. P. Miller. 2004. Efficient Context-sensitive Intrusion Detection. In NDSS.
[6]
C. Liu, X. Yan, and J. Han. 2006. Mining Control Flow Abnormality for Logic Error Isolation. In SDM.
[7]
V. Sundaram, P. Eugster, X. Zhang, and V. Addanki. 2013. Diagnostic Tracing for Wireless Sensor Networks. ACM TOSN (2013).
[8]
C. Warrender, S. Forrest, and B. Pearlmutter. 1999. Detecting Intrusions Using System Calls: Alternative Data Models. In IEEE S&P.
[9]
C. Wressnegger, G. Schwenk, D. Arp, and K. Rieck. 2013. A Close Look on N-grams in Intrusion Detection: Anomaly Detection vs. Classification. In ACM AISec.
[10]
K. Xu, K. Tian, D. Yao, and B. G. Ryder. 2016. A Sharper Sense of Self: Probabilistic Reasoning of Program Behaviors for Anomaly Detection with Context Sensitivity. In IEEE DSN.
[11]
K. Xu, D. D. Yao, B. G. Ryder, and K. Tian. 2015. Probabilistic Program Modeling for High-Precision Anomaly Classification. In IEEE CSF.
[12]
E. N. Yolacan. 2014. Learning from Sequential Data for Anomaly Detection. In Northeastern University, Boston, Massachusetts.

Cited By

View all
  • (2022)HADES-IoT: A Practical and Effective Host-Based Anomaly Detection System for IoT Devices (Extended Version)IEEE Internet of Things Journal10.1109/JIOT.2021.31357899:12(9640-9658)Online publication date: 15-Jun-2022
  • (2021)Sensitive Instruction Detection Based on the Context of IoT Sensors2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W)10.1109/DSN-W52860.2021.00030(121-128)Online publication date: Jun-2021
  • (2020)DDOS Multivariate Information Fusion Model Based on Hierarchical Representation LearningCyberspace Safety and Security10.1007/978-3-030-37352-8_5(57-66)Online publication date: 3-Jan-2020
  • Show More Cited By

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences
IoTDI '17: Proceedings of the Second International Conference on Internet-of-Things Design and Implementation
April 2017
353 pages
ISBN:9781450349666
DOI:10.1145/3054977
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 April 2017

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Anomaly Detection
  2. Ball-Larus Path Profiling
  3. Contextsensitive modeling
  4. Control-Flow
  5. Security and Reliability

Qualifiers

  • Short-paper
  • Research
  • Refereed limited

Conference

IoTDI '17
Sponsor:

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)7
  • Downloads (Last 6 weeks)0
Reflects downloads up to 05 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2022)HADES-IoT: A Practical and Effective Host-Based Anomaly Detection System for IoT Devices (Extended Version)IEEE Internet of Things Journal10.1109/JIOT.2021.31357899:12(9640-9658)Online publication date: 15-Jun-2022
  • (2021)Sensitive Instruction Detection Based on the Context of IoT Sensors2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W)10.1109/DSN-W52860.2021.00030(121-128)Online publication date: Jun-2021
  • (2020)DDOS Multivariate Information Fusion Model Based on Hierarchical Representation LearningCyberspace Safety and Security10.1007/978-3-030-37352-8_5(57-66)Online publication date: 3-Jan-2020
  • (2019)HADES-IoTProceedings of the 2019 ACM Asia Conference on Computer and Communications Security10.1145/3321705.3329847(479-484)Online publication date: 2-Jul-2019
  • (2019)Memory Leak Detection in IoT Program Based on an Abstract Memory Model SeqMMIEEE Access10.1109/ACCESS.2019.29511687(158904-158916)Online publication date: 2019
  • (2018)A systematic review on intrusion detection based on the Hidden Markov ModelStatistical Analysis and Data Mining: The ASA Data Science Journal10.1002/sam.1137711:3(111-134)Online publication date: 27-Apr-2018
  • (2017)Anomaly detection in smart houses: Monitoring elderly daily behavior for fall detecting2017 IEEE Latin American Conference on Computational Intelligence (LA-CCI)10.1109/LA-CCI.2017.8285701(1-6)Online publication date: Nov-2017

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media