Embedded Intelligent Intrusion Detection: A Behavior-Based Approach

Embedded Intelligent Intrusion Detection: A Behavior-Based Approach
Adrian Lauf, Richard A. Peters, William H. Robinson

Citation
Adrian Lauf, Richard A. Peters, William H. Robinson. "Embedded Intelligent Intrusion Detection: A Behavior-Based Approach". IEEE 4th international symposium on Embedded Computing, IEEE, N/A, May, 2007.

Abstract
This paper describes the development of an intelligent intrusion detection system for use within an embedded device network consisting of interconnected agents. Integral behavior types are categorized by focusing primarily on inter-device requests and actions rather than at a packet or link level. Machine learning techniques use these observed behavioral actions to track devices which deviate from normal protocol. Deviant behavior can be analyzed and flagged, enabling interconnected agents to identify an intruder based upon the historical distribution of behavioral data that is accumulated about the possible deviant agent. Simulation results from the prototype system correlate detection accuracy with a tunable input tolerance factor.

Electronic downloads

Internal. This publication has been marked by the author for TRUST-only distribution, so electronic downloads are not available without logging in.

Citation formats

HTML

Adrian Lauf, Richard A. Peters, William H. Robinson. <a
href="http://www.truststc.org/pubs/187.html"
>Embedded Intelligent Intrusion Detection: A
Behavior-Based Approach</a>, IEEE 4th international
symposium on Embedded Computing, IEEE, N/A, May, 2007.

Plain text

Adrian Lauf, Richard A. Peters, William H. Robinson.
"Embedded Intelligent Intrusion Detection: A
Behavior-Based Approach". IEEE 4th international
symposium on Embedded Computing, IEEE, N/A, May, 2007.

BibTeX

@inproceedings{LaufPetersRobinson07_EmbeddedIntelligentIntrusionDetectionBehaviorBased,
    author = {Adrian Lauf and Richard A. Peters and William H.
              Robinson},
    title = {Embedded Intelligent Intrusion Detection: A
              Behavior-Based Approach},
    booktitle = {IEEE 4th international symposium on Embedded
              Computing},
    organization = {IEEE},
    pages = {N/A},
    month = {May},
    year = {2007},
    abstract = {This paper describes the development of an
              intelligent intrusion detection system for use
              within an embedded device network consisting of
              interconnected agents. Integral behavior types are
              categorized by focusing primarily on inter-device
              requests and actions rather than at a packet or
              link level. Machine learning techniques use these
              observed behavioral actions to track devices which
              deviate from normal protocol. Deviant behavior can
              be analyzed and flagged, enabling interconnected
              agents to identify an intruder based upon the
              historical distribution of behavioral data that is
              accumulated about the possible deviant agent.
              Simulation results from the prototype system
              correlate detection accuracy with a tunable input
              tolerance factor.},
    URL = {http://www.truststc.org/pubs/187.html}
}

Posted by Adrian Lauf, Ph.D. on 1 Mar 2007.
Groups: trust
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.