Team for Research in
Ubiquitous Secure Technology

Embedded Intelligent Intrusion Detection: A Behavior-Based Approach
Adrian Lauf, Richard A. Peters, William H. Robinson

Citation
Adrian Lauf, Richard A. Peters, William H. Robinson. "Embedded Intelligent Intrusion Detection: A Behavior-Based Approach". IEEE 4th international symposium on Embedded Computing, IEEE, N/A, May, 2007.

Abstract
This paper describes the development of an intelligent intrusion detection system for use within an embedded device network consisting of interconnected agents. Integral behavior types are categorized by focusing primarily on inter-device requests and actions rather than at a packet or link level. Machine learning techniques use these observed behavioral actions to track devices which deviate from normal protocol. Deviant behavior can be analyzed and flagged, enabling interconnected agents to identify an intruder based upon the historical distribution of behavioral data that is accumulated about the possible deviant agent. Simulation results from the prototype system correlate detection accuracy with a tunable input tolerance factor.

Electronic downloads


Internal. This publication has been marked by the author for TRUST-only distribution, so electronic downloads are not available without logging in.
Citation formats  
  • HTML
    Adrian Lauf, Richard A. Peters, William H. Robinson. <a
    href="http://www.truststc.org/pubs/187.html"
    >Embedded Intelligent Intrusion Detection: A
    Behavior-Based Approach</a>, IEEE 4th international
    symposium on Embedded Computing, IEEE, N/A, May, 2007.
  • Plain text
    Adrian Lauf, Richard A. Peters, William H. Robinson.
    "Embedded Intelligent Intrusion Detection: A
    Behavior-Based Approach". IEEE 4th international
    symposium on Embedded Computing, IEEE, N/A, May, 2007.
  • BibTeX
    @inproceedings{LaufPetersRobinson07_EmbeddedIntelligentIntrusionDetectionBehaviorBased,
        author = {Adrian Lauf and Richard A. Peters and William H.
                  Robinson},
        title = {Embedded Intelligent Intrusion Detection: A
                  Behavior-Based Approach},
        booktitle = {IEEE 4th international symposium on Embedded
                  Computing},
        organization = {IEEE},
        pages = {N/A},
        month = {May},
        year = {2007},
        abstract = {This paper describes the development of an
                  intelligent intrusion detection system for use
                  within an embedded device network consisting of
                  interconnected agents. Integral behavior types are
                  categorized by focusing primarily on inter-device
                  requests and actions rather than at a packet or
                  link level. Machine learning techniques use these
                  observed behavioral actions to track devices which
                  deviate from normal protocol. Deviant behavior can
                  be analyzed and flagged, enabling interconnected
                  agents to identify an intruder based upon the
                  historical distribution of behavioral data that is
                  accumulated about the possible deviant agent.
                  Simulation results from the prototype system
                  correlate detection accuracy with a tunable input
                  tolerance factor.},
        URL = {http://www.truststc.org/pubs/187.html}
    }
    

Posted by Adrian Lauf, Ph.D. on 1 Mar 2007.
Groups: trust
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.