intrusion detection systems; performance monitoring; resource isolation; shared-resource contention; Embedded-system; Intrusion Detection Systems; Machine-learning; Modern embedded systems; Multi-core platforms; Performance-monitoring; Resource isolation; Shared resource contentions; Single computing; Software-component; Artificial Intelligence; Computer Networks and Communications; Computer Science Applications; Hardware and Architecture; Information Systems and Management
Abstract :
[en] Modern embedded systems integrate software components onto a single computing platform to meet stringent non-functional requirements of cost, space, weight, and power consumption, amongst others. Moreover, the growing demand for computational power pushed for the adoption of multicore platforms. At the same time, those platforms are often connected to the external world to support a variety of applications. In this context, Machine Learning-based Intrusion Detection Systems (IDS) are of significant importance to guarantee the system's security during its operation. One approach to be adopted by IDS is to model the behavior of the applications on an embedded system through Performance Monitoring Counters (PMC) and operate during runtime by detecting deviations to the modeled behavior. Notwithstanding, the execution of multiple tasks onto the same multicore platform often incurs shared-resource contention between tasks, which may impair the execution of software components and possibly affect the behavior observed through PMC. In this paper, we assess the impacts of lacking proper resource isolation mechanisms on multicore embedded systems over two Machine Learning-based Intrusion Detection Systems (IDS) solutions that rely on PMC. We use a relevant dataset in the scope of embedded systems control with both tasks monitored while executing without and with the interference of shared-resources contention. Results demonstrate that the lack of isolation can lead to the IDS mechanism losing the ability to recognize the behavior of target software components.
Disciplines :
Computer science
Author, co-author :
Horstmann, Leonardo Passig; Federal University of Santa Catarina, Software/Hardware Integration Lab, Florianópolis, Brazil
Frohlich, Antonio Augusto; Federal University of Santa Catarina, Software/Hardware Integration Lab, Florianópolis, Brazil
VÖLP, Marcus ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > CritiX
External co-authors :
yes
Language :
English
Title :
On the Impacts of Shared-Resource Contention on Intrusion Detection Systems based on Performance Monitoring
Publication date :
2024
Event name :
2024 IEEE 27th International Symposium on Real-Time Distributed Computing (ISORC)
Event place :
Tunis, Tun
Event date :
22-05-2024 => 25-05-2024
Audience :
International
Main work title :
Proceedings - 2024 IEEE 27th International Symposium on Real-Time Distributed Computing, ISORC 2024
Publisher :
Institute of Electrical and Electronics Engineers Inc.
A. Burns and R. I. Davis, "A survey of research into mixed criticality systems," ACM Computing Surveys, vol. 50, no. 6, pp. 1-37, Jan. 2017. [Online]. Available: https://doi.org/10.1145/3131347
M. Kadar, "Integration methods for host intrusion detection into embedded mixed-criticality systems," Ph.D. dissertation, Kaiserslautern University of Technology, Germany, 2022. [Online]. Available: https://kluedo.ub.uni-kl.de/frontdoor/index/index/docId/6822
J. L. C. Hoffmann, L. P. Horstmann, and A. A. Frohlich, "Anomaly detection in multicore embedded systems," in 2019 IX Brazilian Symposium on Computing Systems Engineering (SBESC), 2019, pp. 1-8.
L. P. Horstmann and A. A. Frohlich, "Intrusion detection in multicore embedded systems based on artificial immune systems," in 2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA), 2022, pp. 1-8.
J. L. C. Hoffmann and A. A. Frohlich, "Online machine learning for energy-aware multicore real-time embedded systems," IEEE Transactions on Computers, vol. 71, no. 2, pp. 493-505, Feb. 2022. [Online]. Available: https://doi.org/10.1109/tc.2021.3056070
G. Gracioli and A. A. Frohlich, "Two-phase colour-aware multicore real-time scheduler," IET Computers & Digital Techniques, vol. 11, no. 4, pp. 133-139, Mar. 2017. [Online]. Available: https://doi.org/10.1049/ietcdt.2016.0114
K. Ott and R. Mahapatra, "Hardware performance counters for embedded software anomaly detection," in 2018 IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing, 16th Intl Conf on Pervasive Intelligence and Computing, 4th Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress(DASC/PiCom/DataCom/CyberSciTech). IEEE, Aug. 2018. [Online]. Available: https://doi.org/10.1109/dasc/picom/datacom/cyberscitec.2018.00101
E. W. L. Leng, M. Zwolinski, and B. Halak, "Hardware performance counters for system reliability monitoring," 2017 IEEE 2nd International Verification and Security Workshop (IVSW), pp. 76-81, 2017. [Online]. Available: https://ieeexplore.ieee.org/document/8031548
M. Guthaus, J. Ringenberg, D. Ernst, T. Austin, T. Mudge, and R. Brown, "MiBench: A free, commercially representative embedded benchmark suite," in Proceedings of the Fourth Annual IEEE International Workshop on Workload Characterization. WWC-4 (Cat. No.01EX538). IEEE. [Online]. Available: https://doi.org/10.1109/wwc.2001.990739
J. L. C. Hoffmann, L. P. Horstmann, M. M. Lucena, G. M. de Araujo, A. A. Frohlich, and M. H. N. Nishioka, "Anomaly detection on wind turbines based on a deep learning analysis of vibration signals," Applied Artificial Intelligence, vol. 35, no. 12, pp. 893-913, Aug. 2021. [Online]. Available: https://doi.org/10.1080/08839514.2021.1966879
I. Goodfellow, Y. Bengio, A. Courville, and Y. Bengio, Deep learning. MIT press Cambridge, 2016, vol. 1.
J. L. Conradi Hoffmann and A. A. Frohlich, "Online machine learning for energy-aware multicore real-time embedded systems database," 2021. [Online]. Available: https://doi.org/10.21227/32v4-s430
S. K. Venkata, I. Ahn, D. Jeon, A. Gupta, C. Louie, S. Garcia, S. Belongie, and M. B. Taylor, "SD-VBS: The San Diego vision benchmark suite," 2009 IEEE International Symposium on Workload Characterization (IISWC), pp. 55-64, october 2009.
D. Dasgupta and F. Gonzalez, "An immunity-based technique to characterize intrusions in computer networks," IEEE Transactions on Evolutionary Computation, vol. 6, no. 3, pp. 281-291, Jun. 2002.
