June 20, 2005
Conference Paper

Configurable Middleware-Level Intrusion Detection for Embedded Systems

Abstract

Embedded systems have become integral parts of a diverse range of systems from automobiles to critical infrastructure applications such as gas and electric power distribution. Unfortunately, research on computer security in general and intrusion detection in particular, has not kept pace. Furthermore, embedded systems, by their very nature, are application specific and therefore frameworks for developing application-specific intrusion detection systems for distributed embedded systems must be researched, designed, and implemented. In this paper, we present a configurable middleware-based intrusion detection framework. In particular, this paper presents a system model and a concrete implementation of a highly configurable intrusion detection framework that is integrated into MicroQoSCORBA, a highly configurable middleware framework developed for embedded systems. By exploiting the application-specific logic available to a middleware framework (e.g., object interfaces and method signatures), our integrated framework is able to autogenerate application-specific intrusion detection systems. Next, a set of configurable intrusion detection mechanisms suitable for embedded systems is presented. A performance evaluation of these mechanisms, run on two hardware platforms, is presented at the end of the paper.

Revised: July 8, 2010 | Published: June 20, 2005

Citation

Naess E., D.A. Frincke, A.D. McKinnon, and D.E. Bakken. 2005. Configurable Middleware-Level Intrusion Detection for Embedded Systems. In Proceedings of the 25th IEEE International Conference on Distributed Computing Systems Workshop (ICDCSW'05), 144-151. Piscataway, New Jersey:Institute of Electrical and Electronics Engineers. PNNL-SA-43862. doi:10.1109/ICDCSW.2005.52