
2015 | OriginalPaper | Book chapter

Detecting Anomalies in Embedded Computing Systems via a Novel HMM-Based Machine Learning Approach

Authors: Alfredo Cuzzocrea, Eric Medvet, Enzo Mumolo, Riccardo Cecolin

Published in: Hybrid Artificial Intelligent Systems

Publisher: Springer International Publishing


Abstract

Computing systems are vulnerable to anomalies that might occur during execution of deployed software: e.g., faults, bugs or deadlocks. When occurring on embedded computing systems, these anomalies may severely hamper the corresponding devices; on the other hand, embedded systems are designed to perform autonomously, i.e., without any human intervention, and thus it is difficult to debug an application to manage the anomaly. Runtime anomaly detection techniques are the primary means of being aware of anomalous conditions. In this paper, we describe a novel approach to detect an anomaly during the execution of one or more applications. Our approach describes the behaviour of the applications using the sequences of memory references generated during runtime. The memory references are seen as signals: they are divided into overlapping frames, then parametrized and finally described with Hidden Markov Models (HMM) for detecting anomalies. The motivations for using such a methodology for embedded systems are the following: first, the memory references can be extracted with very low overhead with software or architectural tools. Second, the device HMM analysis framework, while being very powerful in gathering high-level information, has low computational complexity and thus is suitable for the rather low memory and computational capabilities of embedded systems. We experimentally evaluated our proposal on an ARM9, Linux-based, embedded system using the SPEC 2006 CPU benchmark suite and found that it shows very low error rates for some artificially injected anomalies, namely malware, an infinite loop and random errors during execution.
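The pipeline in the abstract (overlapping frames, parametrization, HMM scoring) can be sketched as follows; this is an added example, not code from the paper. The frame size, the distinct-address feature, the hand-set HMM parameters, the threshold and both traces are assumptions constructed for illustration; a deployed model would be trained on anomaly-free traces.

```python
import math

# Hand-set 2-state discrete HMM (assumption; not the paper's trained model).
PI = [0.5, 0.5]                  # initial state probabilities
A = [[0.9, 0.1], [0.1, 0.9]]     # transitions between "streaming" and "reuse"
B = [[0.01, 0.19, 0.80],         # symbol emissions in the "streaming" state
     [0.01, 0.79, 0.20]]         # symbol emissions in the "reuse" state

def frames(trace, size=8, hop=4):
    """Split a memory-reference trace into overlapping frames (50% overlap)."""
    return [trace[i:i + size] for i in range(0, len(trace) - size + 1, hop)]

def symbol(frame):
    """Parametrize a frame as a symbol from its number of distinct addresses
    (assumed stand-in for the paper's parametrization step)."""
    distinct = len(set(frame))
    return 0 if distinct <= 2 else 1 if distinct <= 5 else 2

def avg_loglik(obs):
    """Scaled forward algorithm: mean log-likelihood per observed symbol."""
    n, total, alpha = len(PI), 0.0, None
    for o in obs:
        prior = PI if alpha is None else [
            sum(alpha[r] * A[r][s] for r in range(n)) for s in range(n)]
        alpha = [prior[s] * B[s][o] for s in range(n)]
        norm = sum(alpha)            # probability of this symbol given the past
        total += math.log(norm)
        alpha = [a / norm for a in alpha]
    return total / len(obs)

def first_alarm(trace, window=6, threshold=-1.5):
    """Index of the first window of frames scoring below threshold, else None."""
    syms = [symbol(f) for f in frames(trace)]
    for i in range(len(syms) - window + 1):
        if avg_loglik(syms[i:i + window]) < threshold:
            return i
    return None

# Constructed traces: an array walk, then reuse of four addresses (normal),
# and a two-address spin loop standing in for the injected infinite loop.
NORMAL = [0x1000 + 4 * i for i in range(64)] + [0x1000 + 4 * (i % 4) for i in range(32)]
LOOP = [0x8000, 0x8004] * 32

if __name__ == "__main__":
    print(first_alarm(NORMAL), first_alarm(NORMAL + LOOP))
```

The alarm index is a frame index; with a hop of 4 references, frame 20 begins at reference 80, and its six-frame window is the first to contain two frames of the spin loop that starts at reference 96.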


Metadata
Title
Detecting Anomalies in Embedded Computing Systems via a Novel HMM-Based Machine Learning Approach
Authors
Alfredo Cuzzocrea
Eric Medvet
Enzo Mumolo
Riccardo Cecolin
Copyright year
2015
DOI
https://doi.org/10.1007/978-3-319-19644-2_34