Paper Info
Title
Window-Based Statistical Analysis Of Timing Subcomponents For Efficient Detection Of Malware In Life-Critical Systems
Abstract
Securing life-critical embedded systems, particularly medical devices, requires both proactive security measures that prevent intrusions and reactive measures that detect intrusions. This paper presents a novel model for specifying the normal timing for operations in software applications using cumulative distribution functions of timing subcomponent within sliding execution windows. We present a probabilistic formulation for estimating the presence of malware for individual operations by monitoring the internal timing of the different components of the system, and we define thresholds to minimize false positives based on training data. Experimental results with a smart connected pacemaker and three sophisticated mimicry malware scenarios demonstrate improved performance and accuracy compared to state-of-the-art timing-based malware detection
Year
DOI
Venue
2019
10.23919/SpringSim.2019.8732899
2019 Spring Simulation Conference (SpringSim)
Keywords
Field
DocType
Timing,Malware,Anomaly detection,Monitoring,Runtime,Embedded systems
Training set,Data mining,Anomaly detection,Computer science,Real-time computing,Software,Cumulative distribution function,Probabilistic logic,Malware,False positive paradox,Statistical analysis
Conference
ISBN
Citations 
PageRank 
978-1-5108-8388-8
0
0.34
References 
Authors
0
3
Name
Order
Citations
PageRank
Nadir Carreon130.84
Allison Gilbreath200.34
Roman Lysecky360560.43