TY - GEN
T1 - Hybrid Intrusion Detection Mechanisms for Integrated Electronic Systems
AU - Qiao, Qi
AU - He, Daojing
AU - Gao, Yun
AU - Zhu, Sencun
AU - Gao, Jiahao
AU - Chan, Sammy
N1 - Funding Information:
This research is supported by the National Key R&D Program of China (2017YFB0802805 and 2017YFB0801701); the National Natural Science Foundation of China (Grants: U1936120 and U1636216); Joint Fund of the Ministry of Education of China for Equipment Preresearch (No. 6141A020333); the Shanghai Knowledge Service Platform for Trustworthy Internet of Things (No. ZF1213); the Fok Ying Tong Education Foundation of China (Grant 171058); and the Fundamental Research Funds for the Central Universities. Daojing He is the corresponding author.
Publisher Copyright:
© 2020 IEEE.
PY - 2020/6
Y1 - 2020/6
N2 - While integrated electronic systems (IESs) are widely used in military and civilian applications, their security issues are barely studied. By analyzing the architecture of the system and the characteristics of bus communication, this paper proposes an intrusion detection method based on the message sequence and behavioral rules of subsystems. According to the bus protocol, messages are divided into periodic and aperiodic messages. For the previous, we adopt sequence analysis and propose an algorithm that extract the sequence intelligently to determine if there are anomalies. For aperiodic messages, we detect the anomalies by modeling the system behaviors as decision trees. Through implementing experiments on our simulation system, we demonstrate that the proposed detection is more accurate than the existing schemes while incurring both lower false negative rate and lower false positive rate.
AB - While integrated electronic systems (IESs) are widely used in military and civilian applications, their security issues are barely studied. By analyzing the architecture of the system and the characteristics of bus communication, this paper proposes an intrusion detection method based on the message sequence and behavioral rules of subsystems. According to the bus protocol, messages are divided into periodic and aperiodic messages. For the previous, we adopt sequence analysis and propose an algorithm that extract the sequence intelligently to determine if there are anomalies. For aperiodic messages, we detect the anomalies by modeling the system behaviors as decision trees. Through implementing experiments on our simulation system, we demonstrate that the proposed detection is more accurate than the existing schemes while incurring both lower false negative rate and lower false positive rate.
UR - http://www.scopus.com/inward/record.url?scp=85091968514&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85091968514&partnerID=8YFLogxK
U2 - 10.1109/SECON48991.2020.9158421
DO - 10.1109/SECON48991.2020.9158421
M3 - Conference contribution
AN - SCOPUS:85091968514
T3 - Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks workshops
BT - 2020 17th IEEE International Conference on Sensing, Communication and Networking, SECON 2020
PB - IEEE Computer Society
T2 - 17th IEEE International Conference on Sensing, Communication and Networking, SECON 2020
Y2 - 22 June 2020 through 25 June 2020
ER -