Temporal-based intrusion detection for IoV-Reference-Cited by-同舟云学术

Temporal-based intrusion detection for IoV

Published:2020-12-01 Issue:5-6 Volume:62 Page:227-239
ISSN:2196-7032
Container-title:it - Information Technology
language:en
Short-container-title:

Author:

Hamad Mohammad¹^ORCID,Hammadeh Zain A. H.²,Saidi Selma³,Prevelakis Vassilis⁴

Affiliation:

1. 28412 Technical University of Munich , Department of Electrical and Computer Engineering , Munich , Germany

2. Institute for Software Technology , German Aerospace Center (DLR) , Cologne , Germany

3. Technical University of Dortmund , Department of Electrical Engineering and Information Technology , Dortmund , Germany

4. 26527 Technical University of Braunschweig , Institute of Computer and Network Engineering , Braunschweig , Germany

Abstract

Abstract The Internet of Vehicle (IoV) is an extension of Vehicle-to-Vehicle (V2V) communication that can improve vehicles’ fully autonomous driving capabilities. However, these communications are vulnerable to many attacks. Therefore, it is critical to provide run-time mechanisms to detect malware and stop the attackers before they manage to gain a foothold in the system. Anomaly-based detection techniques are convenient and capable of detecting off-nominal behavior by the component caused by zero-day attacks. One significant critical aspect when using anomaly-based techniques is ensuring the correct definition of the observed component’s normal behavior. In this paper, we propose using the task’s temporal specification as a baseline to define its normal behavior and identify temporal thresholds that give the system the ability to predict malicious tasks. By applying our solution on one use-case, we got temporal thresholds 20–40 % less than the one usually used to alarm the system about security violations. Using our boundaries ensures the early detection of off-nominal temporal behavior and provides the system with a sufficient amount of time to initiate recovery actions.

Funder

Horizon 2020 Framework Programme

Publisher

Walter de Gruyter GmbH

Subject

General Computer Science

Link

https://www.degruyter.com/document/doi/10.1515/itit-2020-0009/pdf

Reference25 articles.

1. Faraz Ahmed, Haider Hameed, M. Zubair Shafiq, and Muddassar Farooq. Using Spatio-temporal Information in API Calls with Machine Learning Algorithms for Malware Detection. In Proceedings of the 2nd ACM Workshop on Security and Artificial Intelligence, pages 55–62. ACM, 2009.

2. James P. Anderson. Computer Security Technology Planning Study. Volume 2. Technical report, DTIC Document, 1972.

3. Neil C. Audsley, Alan Burns, Robert I. Davis, Ken W. Tindell, and Andy J. Wellings. Fixed Priority Pre-emptive Scheduling: An Historical Perspective. Real-Time Systems, 8(2-3):173–198, 1995.

4. Felice Balarin, Luciano Lavagno, Praveen Murthy, Alberto Sangiovanni-Vincentelli, et al. Scheduling for Embedded Real-time Systems. IEEE Design & Test of Computers, 15(1):71–82, 1998.

5. Dominique Bertrand, Sébastien Faucou, and Yvon Trinquet. An Analysis of the AUTOSAR OS Timing Protection Mechanism. In IEEE Conference on Emerging Technologies & Factory Automation, 2009 (ETFA 2009), pages 1–8. IEEE, 2009.

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Isolation Forest Based on Minimal Spanning Tree;IEEE Access;2022