Service interruption on Monday 11 July from 12:30 to 13:00: all the sites of the CCSD (HAL, EpiSciences, SciencesConf, AureHAL) will be inaccessible (network hardware connection).
Skip to Main content Skip to Navigation
Conference papers

Lightweight Intrusion Detection for Resource-Constrained Embedded Control Systems

Abstract : Securing embedded control systems presents a unique challenge. In addition to the resource restrictions inherent to embedded devices, embedded control systems must accommodate strict, non-negotiable timing requirements, and their massive scale greatly increases other costs such as power consumption. These constraints render conventional host-based intrusion detection – using a hypervisor to create a safe environment under which a monitoring entity can operate – costly and impractical.This paper describes the design and implementation of Autoscopy, an experimental host-based intrusion detection system that operates from within the kernel and leverages its built-in tracing framework to identify control flow anomalies that are often caused by rootkits hijacking kernel hooks. Experimental tests demonstrate that Autoscopy can detect representative control flow hijacking techniques while maintaining a low performance overhead.
Document type :
Conference papers
Complete list of metadata

Cited literature [29 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, August 3, 2017 - 3:03:57 PM
Last modification on : Wednesday, August 14, 2019 - 11:24:04 AM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Jason Reeves, Ashwin Ramaswamy, Michael Locasto, Sergey Bratus, Sean Smith. Lightweight Intrusion Detection for Resource-Constrained Embedded Control Systems. 5th International Conference Critical Infrastructure Protection (ICCIP), Mar 2011, Hanover, NH, United States. pp.31-46, ⟨10.1007/978-3-642-24864-1_3⟩. ⟨hal-01571779⟩



Record views


Files downloads