Towards an Intrusion Detection System for Battery Exhaustion Attacks on Mobile Computing Devices
PerCom Workshops, pp.141-145, (2005)
EI WOS
Abstract
Mobile computers are subject to a unique form of denial of service attack known as a battery exhaustion attack, in which an attacker attempts to rapidly drain the battery of the device. In this paper we present our first steps in the design of an intrusion detection system for these attacks, a system that takes into account the performanc...
Introduction
- A key element in a successful pervasive computing environment is a personal computing device that enables the user to have continuous access to information [7].
- One security attack that is unique to battery powered devices is a denial of service attack aimed at draining the battery.
- These “sleep deprivation torture” or “battery exhaustion” attacks, as called by Stajano and Anderson, prevent devices from entering normal low power idle or sleep states [8].
- The Cabir virus was created to illustrate a vulnerability in mobile devices running Symbian OS Series 60 [9].
- It transmits itself using the Bluetooth communication protocol between devices.
- The virus causes the Bluetooth radio on the mobile device to broadcast at frequent intervals, seriously reducing the battery life of the device
Highlights
- A key element in a successful pervasive computing environment is a personal computing device that enables the user to have continuous access to information [7]
- We have identified and implemented three different classes of these attacks [6]: (1) malignant attacks, in which a virus or Trojan horse is used to make the device consume significant power, (2) benign attacks, in which an unmodified program is given pathological data such that the program consumes excessive energy, and (3) service request attacks, a special form of the benign attack in which repeated requests are made to a network service provided by the device
- In addition to our proof-of-concept implementations, there is already a virus “in the wild” that has the properties of a battery exhaustion attack; its excessive power consumption appears to have been a side effect rather than the main intent
- We propose the development of an intrusion detection system designed to detect this new form of attack, subject to the performance, memory, and energy limitations of pervasive computing devices
- The laptop was chosen for this paper because it provided greater flexibility in testing our fundamental ideas than would a more limited platform such as a cell phone, but we believe the method we describe here can be generalized to work for any battery-powered computing system with the appropriate choice of variables for the regression model
- An open question is whether an intrusion detection system (IDS) based on self-contained power measurement such as we have described here can be used to detect non-battery-related intrusions
Methods
- Methods used in commercial IDSs may be difficult, if not impossible, to implement. For instance, the extensive audit data, in the form of system logging, collected and analyzed by an IDS may not be present or may require too much time and energy to collect.
- If a device could operate at idle power for 3 hours under normal usage, the goal might be to guarantee 2 hours of operational life in the face of repeated attacks.
- Given this goal, it is necessary to know when the system has high power consumption over a long period of time, such that the system is in danger of not meeting the guaranteed battery life.
- When the time threshold has been exceeded, the authors identify which process or processes are responsible for using the most energy over that period of time
- Such an IDS is unique in that it can still be successful even if it does not detect all attacks against the system.
- Even though the attacks are successful, the goal of guaranteeing a specific battery life is still achieved
Conclusions and Future Work
- The proposed IDS proved to be effective in identifying when the system has exceeded the power consumption that would allow it to achieve a guaranteed battery life.
- The authors' IDS can identify those processes that caused the increased load on the system.
- This allows a user to take a necessary action to stop such processes from continuing to operate.
- The cache attack program used in [6] showed increased power consumption for cache misses on some platforms while other platforms showed increased power consumption for cache hits.
- Through mechanisms such as Intel’s Pentium performance counters, cache behavior could be recorded and integrated into the power estimation
Tables
- Table 1: Multiple linear regression was used to derive these coefficients
Funding
- This material is based upon work supported by the National Science Foundation under grant no
Study subjects and analysis
samples: 10000
Using the Microsoft Performance Data Counters available in Microsoft Windows NT 4.0 and later operating systems, many of these metrics were measured on the above mentioned system while at the same time measuring the power consumption of the system externally. The power measurement setup used was the same as that used in [6], using a high-end digital multimeter capable of sampling system current at 10,000 samples per second. The laptop was chosen for this paper because it provided greater flexibility in testing our fundamental ideas than would a more limited platform such as a cell phone, but we believe the method we describe here can be generalized to work for any battery-powered computing system with the appropriate choice of variables for the regression model
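
The detection loop outlined under the methods heading, driven by a regression-style power estimate like the one described above, can be sketched as follows. This is an added example, not the paper's code: the coefficients, counter names, idle power, process names and sample trace are all constructed, since the Table 1 values are not reproduced on this page.

```python
from collections import Counter, deque

# Constructed regression coefficients (watts per counter unit); hypothetical values.
COEFFS = {"cpu_pct": 0.12, "disk_kbps": 0.002, "net_kbps": 0.004}
IDLE_W = 8.0  # constructed intercept: idle power draw in watts


def dynamic_power(counters):
    """Linear-model estimate of the power (W) one process adds above idle."""
    return sum(COEFFS[k] * counters.get(k, 0.0) for k in COEFFS)


def power_budget(idle_w, idle_hours, guaranteed_hours):
    """Highest sustained draw (W) that still meets the guaranteed battery life."""
    return idle_w * idle_hours / guaranteed_hours


class Detector:
    def __init__(self, budget_w, time_threshold):
        self.budget_w = budget_w
        # Per-process estimates for the current run of over-budget samples.
        self.recent = deque(maxlen=time_threshold)

    def observe(self, per_process):
        """per_process maps process name -> counter sample for one interval.
        Returns None, or processes ranked by estimated energy once the draw
        has stayed above budget for time_threshold consecutive intervals."""
        dyn = {p: dynamic_power(c) for p, c in per_process.items()}
        if IDLE_W + sum(dyn.values()) <= self.budget_w:
            self.recent.clear()  # a short burst does not threaten the guarantee
            return None
        self.recent.append(dyn)
        if len(self.recent) < self.recent.maxlen:
            return None
        energy = Counter()  # equal intervals, so summed watts ~ energy
        for sample in self.recent:
            energy.update(sample)
        return [p for p, _ in energy.most_common()]


def run_demo():
    # 3 h at idle, 2 h guaranteed (the figures used in the summary above).
    det = Detector(power_budget(IDLE_W, 3, 2), time_threshold=3)
    normal = {"editor": {"cpu_pct": 5}, "sync": {"net_kbps": 100}}
    attack = dict(normal, httpd={"cpu_pct": 40, "net_kbps": 300})
    trace = [normal, attack, normal, attack, attack, attack]  # constructed
    return [det.observe(s) for s in trace]


if __name__ == "__main__":
    print(run_demo())
```

Only the sustained run at the end of the trace raises an alert; the isolated over-budget sample is discarded when the draw returns to normal, which matches the idea that the IDS need not catch every attack to keep the battery-life guarantee.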
References
- S. Forrest and A. Somayaji, "Automated Response Using System-Call Delays," Proceedings of the 9th USENIX Security Symposium, pp. 185-197, August 2000.
- S. Forrest, S. Hofmeyr, and A. Somayaji, "Computer immunology," Communications of the ACM, vol. 40, no. 10, pp. 88-96, October 1997.
- A. Jones and R. Sielken, "Computer Intrusion Detection: A Survey," University of Virginia, Computer Science Technical Report, 2000.
- P. Kocher, J. Jaffe, and B. Jun, "Differential Power Analysis," Advances in Cryptology, Crypto '99, Springer LNCS 1666, pp. 388-397, 1999.
- W. Lee and S. Stolfo, "Data Mining Approaches to Intrusion Detection," Proceedings of the 7th USENIX Security Symposium, pp. 79-94, January 1998.
- T. Martin, M. Hsiao, D. Ha, and J. Krishnaswami, "Denial-of-Service Attacks on Battery-powered Mobile Computers," Second IEEE International Conference on Pervasive Computing and Communications, pp. 309-318, March 2004.
- M. Satyanarayanan, "Pervasive computing: vision and challenges," IEEE Personal Communications, vol. 8, no. 4, pp. 10-17, Aug. 2001.
- F. Stajano and R. Anderson, "The resurrecting duckling: Security issues for ad-hoc wireless networks," in Proceedings of the 7th International Workshop on Security Protocols, Lecture Notes in Computer Science volume 1796, pp. 172-194, April 1999.