Detailed Information

Cited 0 time in webofscience Cited 0 time in scopus
Metadata Downloads

Real-Time Anomalous Branch Behavior Inference with a GPU-inspired Engine for Machine Learning Models

Authors
Oh, HyunyoungYi, HayoonChoe, HyeokjunCho, Yeong pilYoon, SungrohPaek, Yunheung
Issue Date
Mar-2019
Keywords
anomaly detection; embedded system; machine learning; runtime security
Citation
Proceedings -Design, Automation and Test in Europe, DATE, pp 908 - 913
Pages
6
Indexed
SCOPUS
Journal Title
Proceedings -Design, Automation and Test in Europe, DATE
Start Page
908
End Page
913
URI
https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/148129
DOI
10.23919/DATE.2019.8714807
ISSN
1530-1591
1558-1101
Abstract
Attacks on embedded devices are likely to occur any time in unexpected manners. Thus, the defense systems based on fixed sets of rules will easily be subverted by such unexpected, unknown attacks. Learning-based anomaly detection may potentially prevent new unknown zero-day attacks by leveraging the capability of machine learning (ML) to learn the intricate true nature of software hidden within raw information. This paper introduces our work to develop an MPSoC, called RTAD, which can efficiently support in hardware various ML models that run to detect anomalous behaviors on embedded devices in a real-time fashion, and thus enable the devices to counteract the anomalies in the field. In the IoT era, the importance of security for embedded devices cannot be exaggerated because they will become an enticing target for adversaries as they are being integrated into everyday life to provide users with various services. The above-mentioned potential of learning-based detection is believed to benefit those deployed devices under attacks occurring any time during their field operations in unexpected manners. We hereby assume that ML models are trained with runtime branch information as their data features since a sequence of branches serves as a record of control flow transfers during program execution. In fact, there have been numerous ML studies that examine various types of branches in order to infer (or detect) anomaly in branch behaviors that may be induced by diverse attacks that can cause deviant control flow in software. Our goal of real-time anomalous branch behavior inference poses two challenges to our development of RTAD. Firstly, RTAD must collect and transfer in a timely fashion a sequence of branches as the input to the ML model. Secondly, RTAD must be able to promptly process the delivered branch data with the ML model. To tackle these challenges, we have implemented in RTAD two core components: an input generation module and a GPU-inspired ML processing engine. According to our experiments, RTAD enables various ML models to infer anomaly instantly after the victim program behaves aberrantly as the result of attacks being injected into the system.
Files in This Item
Go to Link
Appears in
Collections
서울 공과대학 > 서울 컴퓨터소프트웨어학부 > 1. Journal Articles

qrcode

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.

Related Researcher

Researcher Cho, Yeong pil photo

Cho, Yeong pil
COLLEGE OF ENGINEERING (SCHOOL OF COMPUTER SCIENCE)
Read more

Altmetrics

Total Views & Downloads

BROWSE