File Download
There are no files associated with this item.
SFX Link
- Find it @ UNIST can give you direct access to the published full text of this article. (UNISTARs only)
- Choi, Jaesik
Views & Downloads
Detailed Information
Cited time in 
Cited time in 
Cited time in
Metadata Downloads
Memory Heat Map: Anomaly Detection in Real-Time Embedded Systems Using Memory Behavior
- Author(s)
- Yoon, Man-Ki, Mohan, Sibin, Choi, Jaesik, Sha, Lui
- Issued Date
- 2015-06-09
- Citation
- Design Automation Conference, pp.7167219
- Abstract
- In this paper, we introduce a novel mechanism that identifies abnormal system-wide behaviors using the predictable nature of real-time embedded applications. We introduce Memory Heat Map (MHM) to characterize the memory behavior of the operating system. Our machine learning algorithms automatically (a) summarize the information contained in the MHMs and then (b) detect deviations from the normal memory behavior patterns. These methods are implemented on top of a multicore processor architecture to aid in the process of monitoring and detection. The techniques are evaluated using multIPle attack scenarios including kernel rootkits and shellcode. To the best of our knowledge, this is the first work that uses aggregated memory behavior for detecting system anomalies especially the concept of memory heat maps.
- Publisher
- ACM/EDAC/IEEE
- ISSN
- 0738-100X
Items in Repository are protected by copyright, with all rights reserved, unless otherwise indicated.