TY - GEN
T1 - Towards a Hybrid Intrusion Detection System for Android-based PPDR terminals
AU - Borges, Pedro
AU - Sousa, Bruno
AU - Ferreira, Luis
AU - Saghezchi, Firooz B.
AU - Mantas, Georgios
AU - Ribeiro, Jose
AU - Rodriguez, Jonathan
AU - Cordeiro, Luis
AU - Simoes, Paulo
N1 - Funding Information:
ACKNOWLEDGMENT This work was carried out with the support of the Centro 2020 Project Mobitrust (CENTRO-01-0247-FEDER-003343).
Publisher Copyright:
© 2017 IFIP.
PY - 2017/7/20
Y1 - 2017/7/20
N2 - Mobile devices are used for communication and for tasks that are sensitive and subject to tampering. Indeed, attacks can be performed on users' devices without user awareness, which represents an additional risk in mission-critical scenarios such as Public Protection and Disaster Relief (PPDR). Intrusion Detection Systems are important for scenarios where information leakage is of crucial importance, since they make it possible to detect attacks that target information assets (e.g., installation of malware) or that can even compromise the security of PPDR personnel. HyIDS is a Hybrid IDS for Android that supports the stringent security requirements of PPDR by comprising agents that continuously monitor the mobile device and periodically transmit the data to an analysis framework at the Command Control Center (CCC). The data collection retrieves resource usage metrics for each installed application, such as CPU and memory usage and incoming and outgoing network traffic. At the CCC, HyIDS employs Machine Learning techniques to identify patterns that are consistent with malware signatures, based on the data collected from the applications. The evaluation results for HyIDS demonstrate that the proposed solution has a low impact on the mobile device in terms of battery consumption and CPU/memory usage.
U2 - 10.23919/INM.2017.7987434
DO - 10.23919/INM.2017.7987434
M3 - Conference contribution
AN - SCOPUS:85029408618
T3 - Proceedings of the IM 2017 - 2017 IFIP/IEEE International Symposium on Integrated Network and Service Management
SP - 1034
EP - 1039
BT - Proceedings of the IM 2017 - 2017 IFIP/IEEE International Symposium on Integrated Network and Service Management
A2 - Chemouil, Prosper
A2 - Simoes, Paulo
A2 - Madeira, Edmundo
A2 - Secci, Stefano
A2 - Monteiro, Edmundo
A2 - Gaspary, Luciano Paschoal
A2 - dos Santos, Carlos Raniery P.
A2 - Charalambides, Marinos
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 15th IFIP/IEEE International Symposium on Integrated Network and Service Management, IM 2017
Y2 - 8 May 2017 through 12 May 2017
ER -