Intrusion Detection for CPS Real-Time Controllers

Zimmer, Christopher; Bhat, Balasubramany; Mueller, Frank; Mohan, Sibin

doi:10.1007/978-3-662-45928-7_12

Cited by 9 publications

(2 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, as mentioned previously, this extreme solution may not be suitable for hard-real-time systems, as it may cause the system to enter an unstable state. Zimmer et al [24] use the WCET timing bound to detect code injection attacks by comparing the WCET value with the elapsed time along the return path. Petal et al [14] proposed an approach to monitor the execution time of the running tasks.…”

Section: Time-based Intrusion Detection Approachmentioning

confidence: 99%

Temporal-based intrusion detection for IoV

Hamad

Hammadeh

Saidi

et al. 2020

It - Information Technology

View full text Add to dashboard Cite

The Internet of Vehicle (IoV) is an extension of Vehicle-to-Vehicle (V2V) communication that can improve vehicles’ fully autonomous driving capabilities. However, these communications are vulnerable to many attacks. Therefore, it is critical to provide run-time mechanisms to detect malware and stop the attackers before they manage to gain a foothold in the system. Anomaly-based detection techniques are convenient and capable of detecting off-nominal behavior by the component caused by zero-day attacks. One significant critical aspect when using anomaly-based techniques is ensuring the correct definition of the observed component’s normal behavior. In this paper, we propose using the task’s temporal specification as a baseline to define its normal behavior and identify temporal thresholds that give the system the ability to predict malicious tasks. By applying our solution on one use-case, we got temporal thresholds 20–40 % less than the one usually used to alarm the system about security violations. Using our boundaries ensures the early detection of off-nominal temporal behavior and provides the system with a sufficient amount of time to initiate recovery actions.

show abstract

Section: Time-based Intrusion Detection Approachmentioning

confidence: 99%

Temporal-based intrusion detection for IoV

Hamad

Hammadeh

Saidi

et al. 2020

It - Information Technology

View full text Add to dashboard Cite

show abstract

“…Zimmer et al [22] proposed time-based IDS using timing metrics and comparing the worst-case bounds to detect code injection on CPS system. The three approaches in the study are to obtain timing bound during static analysis, synchronous scheduler calls, asynchronous scheduler calls.…”

Section: Evaluation Of Idss In Cpsmentioning

confidence: 99%