Anomaly Detection in Embedded Systems
IEEE Transactions on Computers - Special issue on fault-tolerant embedded systems
Benchmarking Anomaly-Based Detection Systems
DSN '00 Proceedings of the 2000 International Conference on Dependable Systems and Networks (formerly FTCS-30 and DCCA-8)
"Why 6?" Defining the Operational Limits of Stide, an Anomaly-Based Intrusion Detector
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Markov Chains, Classifiers, and Intrusion Detection
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
MMBIA '01 Proceedings of the IEEE Workshop on Mathematical Methods in Biomedical Image Analysis (MMBIA'01)
A model-based approach for real-time embedded multimodal systems in military aircrafts
Proceedings of the 6th international conference on Multimodal interfaces
An approach to spacecraft anomaly detection problem using kernel feature space
Proceedings of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining
Parallel and Distributed Computing for Cybersecurity
IEEE Distributed Systems Online
Anomalous system call detection
ACM Transactions on Information and System Security (TISSEC)
In-Network Outlier Detection in Wireless Sensor Networks
ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
Hierarchical Anomaly Detection in Distributed Large-Scale Sensor Networks
ISCC '06 Proceedings of the 11th IEEE Symposium on Computers and Communications
Online outlier detection in sensor data using non-parametric models
VLDB '06 Proceedings of the 32nd international conference on Very large data bases
Editorial: Similarity-based pattern recognition
Pattern Recognition
Radio Frequency Identification Applications in Smart Hospitals
CBMS '07 Proceedings of the Twentieth IEEE International Symposium on Computer-Based Medical Systems
An adaptive anomaly detector for worm detection
SYSML'07 Proceedings of the 2nd USENIX workshop on Tackling computer systems problems with machine learning techniques
Journal of Systems and Software
Unsupervised Outlier Detection in Sensor Networks Using Aggregation Tree
ADMA '07 Proceedings of the 3rd international conference on Advanced Data Mining and Applications
Computing Correlation Anomaly Scores Using Stochastic Nearest Neighbors
ICDM '07 Proceedings of the 2007 Seventh IEEE International Conference on Data Mining
ACM Computing Surveys (CSUR)
On achieving good operating points on an ROC plane using stochastic anomaly score prediction
Proceedings of the 16th ACM conference on Computer and communications security
Towards an adaptive execution of applications in heterogeneous embedded networks
Proceedings of the 2010 ICSE Workshop on Software Engineering for Sensor Network Applications
An anomaly detection algorithm for detecting attacks in wireless sensor networks
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
| Hi-index | 0.00 |
Current-day embedded systems are very vulnerable to faults and defects. Anomaly detection is often the primary means of providing early indication of faults and defects. This paper presents two methods for detecting anomalies in embedded systems. The first method, buffer based detector, constructs a buffer consisting of events from a stream of data considered to be normal. Consequently, during test stage, if an event does not exist in the buffer, a miss will happen. An anomaly exists in test data provided that the hit rate of the buffer does not reach a predefined threshold. The second method namely probabilistic detector employs the probability of data events to evaluate the behavior of system. In order to measure the probability of events in the system, sampling of two events with distinct distance is done. Eventually, during test stage, the probability of events can be measured. An anomaly exists in test data provided that this probability does not reach a predefined threshold. A comparison between these two methods and other typical methods has been done based on detection coverage, area overhead and delay overhead. The experiments on 112 standard benchmarks show that the proposed methods can detect 100% of anomalies. Also, the area overhead of the proposed detectors grows linearly, while the area overhead of other typical detectors grows exponentially by the increase in one of the detector's parameters.