The best of both worlds. A framework for the synergistic operation of host and cloud anomaly-based IDS for smartphones

Dimitrios Damopoulos, Georgios Kambourakis, Georgios Portokalidis

Research output: Contribution to conferencePaperpeer-review

42 Scopus citations

Abstract

Smartphone ownership and usage has seen massive growth in the past years. As a result, their users have attracted unwanted attention from malicious entities and face many security challenges, including malware and privacy issues. This paper concentrates on IDS carefully designed to cater to the security needs of modern mobile platforms. Two main research issues are tackled: (a) the definition of an architecture which can be used towards implementing and deploying such a system in a dual-mode (host/cloud) manner and irrespectively of the underlying platform, and (b) the evaluation of a proof-of-concept anomaly-based IDS implementation that incorporates dissimilar detection features, with the aim to assess its performance qualities when running on state-of-the-art mobile hardware on the host device and on the cloud. This approach allows us to argue in favor of a hybrid host/cloud IDS arrangement (as it assembles the best characteristics of both worlds) and to provide quantitative evaluation facts on if and in which cases machine learning-driven detection is affordable when executed on-device.

Original languageEnglish
DOIs
StatePublished - 2014
Event7th European Workshop on System Security, EuroSec 2014 - Amsterdam, Netherlands
Duration: 13 Apr 201413 Apr 2014

Conference

Conference7th European Workshop on System Security, EuroSec 2014
Country/TerritoryNetherlands
CityAmsterdam
Period13/04/1413/04/14

Fingerprint

Dive into the research topics of 'The best of both worlds. A framework for the synergistic operation of host and cloud anomaly-based IDS for smartphones'. Together they form a unique fingerprint.

Cite this