Exploring ICMetrics to detect abnormal program behaviour on embedded devices

Execution of unknown or malicious software on an embedded system may trigger harmful system behaviour targeted at stealing sensitive data and/or causing damage to the system. It is thus considered a potential and significant threat to the security of embedded systems. Generally, the resource constrained nature of Commercial off-the-shelf (COTS) embedded devices, such as embedded medical equipment, does not allow computationally expensive protection solutions to be deployed on these devices, rendering them vulnerable. A Self-Organising Map (SOM) based and Fuzzy C-means based approaches are proposed in this paper for detecting abnormal program behaviour to boost embedded system security. The presented technique extracts features derived from processor's Program Counter (PC) and Cycles per Instruction (CPI), and then utilises the features to identify abnormal behaviour using the SOM. Results achieved in our experiment show that the proposed SOM based and Fuzzy C-means based methods can identify unknown program behaviours not included in the training set with 90.9% and 98.7% accuracy

A Method for Detecting Abnormal Program Behavior on Embedded Devices

A potential threat to embedded systems is the execution of unknown or malicious software capable of triggering harmful system behavior, aimed at theft of sensitive data or causing damage to the system. Commercial off-the-shelf embedded devices, such as embedded medical equipment, are more vulnerable as these type of products cannot be amended conventionally or have limited resources to implement protection mechanisms. In this paper, we present a self-organizing map (SOM)-based approach to enhance embedded system security by detecting abnormal program behavior. The proposed method extracts features derived from processor's program counter and cycles per instruction, and then utilises the features to identify abnormal behavior using the SOM. Results achieved in our experiment show that the proposed method can identify unknown program behaviors not included in the training set with over 98.4% accuracy

SortAlgo-Metrics: Identification of Cloud-Based Server Via a Simple Algorithmic Analysis

This paper introduces a novel technique to detect spoof or fake software systems via the generation of a unique digital signature based on a direct analysis of the construction of the system. Specifically, we model a novel mechanism referred to as SortAlgo-Metrics analysis to identify cloud-based servers. Experimentally, we deployed four cloud-based servers to run four sorting algorithms in order to extract features that are employed to perform statistical analysis upon with the aim to obtain their metrics which has further underpin the investigation of their behaviours. The model has been validated by comparing training data and unknown data, and the result has shown server 2-4 have a strong identification with 96% probability, while server 1 with 55%, it is surmised that is could be as the result of insufficient sample data. However, if such a simple model can produce a result with this high probability, this shows that with more complex features and sufficient data pulled from cloud-based servers, SortAlgo-Metrics model could generate a higher degree of basis numbers for ICMetrics technology entropy key generation and other complex systems

A group secure key generation and transfer protocol based on ICMetrics

Secure group communications are more prone to attacks as compared to the conventional one to one communication. Every client in a group can be seen as a single source of attack, therefore it is important to design a robust security scheme that will protect all the individual clients and hence the entire group. In this paper a novel security architecture has been presented, that provides a secure group key generation and transfer protocol that is based on ICMetrics. The salient features of the protocol include a single collaborative key generation scheme that is initiated through client authentication. Also provided is a rekeying procedure that is important in maintaining the freshness of the key and offers perfect forward secrecy. The above features are based on the use of ICMetrics to provide a security protocol that is scalable and secure. The presented protocol has been simulated for varying group population sizes using C++ and Maple. The resulting running times for various stages of the protocol have been studied

Security and Privacy for the Internet of Things: An Overview of the Project

As the adoption of digital technologies expands, it becomes vital to build trust and confidence in the integrity of such technology. The SPIRIT project investigates the proof of concept of employing novel secure and privacy-ensuring techniques in services set-up in the Internet of Things (IoT) environment, aiming to increase the trust of users in IoTbased systems. The proposed system integrates three highly novel technology concepts developed by the consortium partners. Specifically, a technology, termed ICMetrics, for deriving encryption keys directly from the operating characteristics of digital devices; secondly, a technology based on a contentbased signature of user data in order to ensure the integrity of sent data upon arrival; a third technology, termed semantic firewall, which is able to allow or deny the transmission of data derived from an IoT device according to the information contained within the data and the information gathered about the requester

Icmapen: an icmetric based security framework for sleep apnea monitoring

Smart devices are becoming increasingly powerful which is why they are being used for point of care health services. Wearable devices can be purchased which allow continuous monitoring of a wearers vital signs. The data is generated, processed and stored remotely where it can be readily accessible to health professionals. Recent attacks on healthcare systems and health data shows that the systems are insecure and that security is a major hurdle in their wide adoption. Conventional cryptographic systems rely on stored keys for the provision of security. The stored keys can be captured in many ways which leads to the system being exposed. The ICMetric technology remedies this by eliminating the need for stored keys. Thus, the ICMetric technology functions as a key theft deterrent and as a basis for cryptographic services. This paper studies the design and implementation of an ICMetric based health monitoring system for people diagnosed with sleep apnea. The proposed system provides key generation, authentication and confidentiality by using the novel ICMetric technology. The proposed scheme is constituent of a cloud computing component which enables remote monitoring and data storage for access by health professionals.  This paper studies the performance of the proposed schemes by studying the running time. The security of the scheme has also been studied to show that the system provides high levels of security without resource compromise.Keywords: ICMetric; Sleep apnea; Cloud computing; Authentication; Confidentialit