Title :
Efficient Anomaly Detection System for Mobile Handsets
Author :
Ikebe, Yuka ; Nakayama, Takehiro ; Katagiri, Masaji ; Kawasaki, Satoshi ; Abe, Hirotake ; Shinagawa, Takahiro ; Kato, Kazuhiko
Author_Institution :
NTT DoCoMo, Inc., Tokyo
Abstract :
A new anomaly detection system for mobile handsets has been proposed. In this system, software behavior that deviates from a model representing normal behavior is considered to be an anomaly. It is generally impossible to cover software behavior exhaustively by the model, which could adversely affect accuracy. In order to resolve this problem, the proposed system assesses the anomalousness of behavior not covered by the model. Moreover, this system needs to have a low overhead in order to be used in mobile handsets, which have less computational resource than a PC. The proposed system adopts an efficient feature for behavior assessment to achieve a high accuracy with a low overhead. This system is implemented on the ARM architecture, which is widely used in mobile handsets. Experimental results clarify that the performance overhead is reasonable and anomalous behavior can be detected accurately.
Keywords :
computer viruses; mobile computing; software architecture; ARM architecture; anomaly detection system; mobile handsets; software behavior; Banking; Computer architecture; Information security; Mobile handsets; Pattern analysis; Runtime; Software performance; Software systems; Viruses (medical); Web and internet services; anomaly detection system; antivirus; software behavior;
Conference_Titel :
Emerging Security Information, Systems and Technologies, 2008. SECURWARE '08. Second International Conference on
Conference_Location :
Cap Esterel
Print_ISBN :
978-0-7695-3329-2
Electronic_ISBN :
978-0-7695-3329-2
DOI :
10.1109/SECURWARE.2008.16
