TY - GEN
T1 - The best of both worlds. A framework for the synergistic operation of host and cloud anomaly-based IDS for smartphones
AU - Damopoulos, Dimitrios
AU - Kambourakis, Georgios
AU - Portokalidis, Georgios
PY - 2014/4/13
Y1 - 2014/4/13
N2 - Smartphone ownership and usage has seen massive growth in the past years. As a result, their users have attracted unwanted attention from malicious entities and face many security challenges, including malware and privacy issues. This paper concentrates on IDS carefully designed to cater to the security needs of modern mobile platforms. Two main research issues are tackled: (a) the definition of an architecture which can be used towards implementing and deploying such a system in a dual-mode (host/cloud) manner and irrespectively of the underlying platform, and (b) the evaluation of a proof-of-concept anomaly-based IDS implementation that incorporates dissimilar detection features, with the aim to assess its performance qualities when running on state-of-the-art mobile hardware on the host device and on the cloud. This approach allows us to argue in favor of a hybrid host/cloud IDS arrangement (as it assembles the best characteristics of both worlds) and to provide quantitative evaluation facts on if and in which cases machine learning-driven detection is affordable when executed on-device.
AB - Smartphone ownership and usage has seen massive growth in the past years. As a result, their users have attracted unwanted attention from malicious entities and face many security challenges, including malware and privacy issues. This paper concentrates on IDS carefully designed to cater to the security needs of modern mobile platforms. Two main research issues are tackled: (a) the definition of an architecture which can be used towards implementing and deploying such a system in a dual-mode (host/cloud) manner and irrespectively of the underlying platform, and (b) the evaluation of a proof-of-concept anomaly-based IDS implementation that incorporates dissimilar detection features, with the aim to assess its performance qualities when running on state-of-the-art mobile hardware on the host device and on the cloud. This approach allows us to argue in favor of a hybrid host/cloud IDS arrangement (as it assembles the best characteristics of both worlds) and to provide quantitative evaluation facts on if and in which cases machine learning-driven detection is affordable when executed on-device.
UR - https://www.scopus.com/pages/publications/84900434211
UR - https://www.scopus.com/pages/publications/84900434211#tab=citedBy
U2 - 10.1145/2592791.2592797
DO - 10.1145/2592791.2592797
M3 - Conference contribution
AN - SCOPUS:84900434211
SN - 9781450327152
T3 - Proceedings of the 7th European Workshop on System Security, EuroSec 2014
BT - Proceedings of the 7th European Workshop on System Security, EuroSec 2014
T2 - 7th European Workshop on System Security, EuroSec 2014
Y2 - 13 April 2014 through 13 April 2014
ER -