Browsing by Author "Shaw, Carl"

Now showing 1 - 3 of 3
  • Thumbnail Image
    ItemOpen Access
    Analytical review of cybersecurity for embedded systems
    (IEEE, 2020-12-21) Aloseel, Abdulmohsan; He, Hongmei; Shaw, Carl; Khan, Muhammad Ali
    To identify the key factors and create the landscape of cybersecurity for embedded systems (CSES), an analytical review of the existing research on CSES has been conducted. The common properties of embedded systems, such as mobility, small size, low cost, independence, and limited power consumption when compared to traditional computer systems, have caused many challenges in CSES. The conflict between cybersecurity requirements and the computing capabilities of embedded systems makes it critical to implement sophisticated security countermeasures against cyber-attacks in an embedded system with limited resources, without draining those resources. In this study, twelve factors influencing CSES have been identified: (1) the components; (2) the characteristics; (3) the implementation; (4) the technical domain; (5) the security requirements; (6) the security problems; (7) the connectivity protocols; (8) the attack surfaces; (9) the impact of the cyber-attacks; (10) the security challenges of the ESs; (11) the security solutions; and (12) the players (manufacturers, legislators, operators, and users). A Multiple Layers Feedback Framework of Embedded System Cybersecurity (MuLFESC) with nine layers of protection is proposed, with new metrics of risk assessment. This will enable cybersecurity practitioners to conduct an assessment of their systems with regard to twelve identified cybersecurity aspects. In MuLFESC, the feedback from the system-components layer to the system-operations layer could help implement ‘‘Security by Design’’ in the design stage at the bottom layer. The study provides a clear landscape of CSES and, therefore, could help to find better comprehensive solutions for CSES.
  • Thumbnail Image
    ItemOpen Access
    Attack-detection architectural framework based on anomalous patterns of system performance and resource utilization - Part II
    (IEEE, 2021-06-11) Aloseel, Abdulmohsan; Al-Rubaye, Saba; Zolotas, Argyrios; Shaw, Carl
    This paper presents a unique security approach for detecting cyber-attacks against embedded systems (ESs). The proposed approach has been shaped within an architectural framework called anomalous resource consumption detection (ARCD). The approach’s detection mechanism detects cyber-attacks by distinguishing anomalous performance and resource consumption patterns from a pre-determinable reference model. The defense mechanism of this approach acts as an additional layer of protection for ESs. This technique’s effectiveness was previously evaluated statistically, and in this paper, we tested this approach’s efficiency computationally by using the support-vector machine algorithm. The datasets were generated and collected based on a testbed model, where it was run repeatedly under different operation conditions (normal cases (Rs) versus attacked cases). The executed attack scenarios are 1) denial-of-service (DoS); 2) brute force (BF); and 3) remote code execution (RCE), and man-in-the-middle (MITM). A septenary tuple model, which consists of seven determinants that are analyzed based on seven statistical criteria, is the core of the detection mechanism. The prediction accuracy in terms of classifying anomalous patterns compared to normal patterns based on the confusion matrix revealed promising results, proving this approach’s effectiveness, where the final results confirmed very high prediction accuracies in terms of distinguishing anomalous patterns from the typical patterns. Integrating the ARCD concept into an operating system’s functionality could help software developers augment the existing security countermeasures of ESs. Adopting the ARCD approach will pave the way for software engineers to build more secure operating systems in line with the embedded system’s capabilities, without depleting its resources.
  • Thumbnail Image
    ItemOpen Access
    A novel approach for detecting cyberattacks in embedded systems based on anomalous patterns of resource utilization - Part I
    (IEEE, 2021-06-11) Aloseel, Abdulmohsan; Al-Rubaye, Saba; Zolotas, Argyrios; He, Hongmei; Shaw, Carl
    This paper presents a novel security approach called Anomalous Resource Consumption Detection (ARCD), which acts as an additional layer of protection to detect cyberattacks in embedded systems (ESs). The ARCD approach is based on the differentiation between the predefined standard resource consumption pattern and the anomalous consumption pattern of system resource utilization. The effectiveness of the proposed approach is tested in a rigorous manner by simulating four types of cyberattacks: a denial-of-service attack, a brute-force attack, a remote code execution attack, and a man-in-the-middle attack, which are executed on a Smart PiCar (used as the testbed). A septenary tuple model consisting of seven parameters, representing the embedded system’s architecture, has been created as the core of the detection mechanism. The approach’s efficiency and effectiveness has been validated in terms of range and pattern by analyzing the collected data statistically in terms of mean, median, mode, standard deviation, range, minimum, and maximum values. The results demonstrated the potential for defining a standard pattern of resource utilization and performance of the embedded system due to a significant similarity of the parameters’ values at normal states. In contrast, the attacked cases showed a definite, observable, and detectable impact on resource consumption and performance of the embedded system, causing an anomalous pattern. Thus, by merging these two findings, the ARCD approach has been developed. ARCD facilitates building secure operating systems in line with the ES’s capabilities. Furthermore, the ARCD approach can work along with existing countermeasures to augment the security of the operating system layer.