Efficient Anomaly Detection System for Mobile Handsets

Author

Ikebe, Yuka ; Nakayama, Takehiro ; Katagiri, Masaji ; Kawasaki, Satoshi ; Abe, Hirotake ; Shinagawa, Takahiro ; Kato, Kazuhiko

Author_Institution

NTT DoCoMo, Inc., Tokyo

fYear

2008

fDate

25-31 Aug. 2008

Firstpage

154

Lastpage

160

Abstract

A new anomaly detection system for mobile handsets has been proposed. In this system, software behavior that deviates from a model representing normal behavior is considered to be an anomaly. It is generally impossible to cover software behavior exhaustively by the model, which could adversely affect accuracy. In order to resolve this problem, the proposed system assesses the anomalousness of behavior not covered by the model. Moreover, this system needs to have a low overhead in order to be used in mobile handsets, which have less computational resource than a PC. The proposed system adopts an efficient feature for behavior assessment to achieve a high accuracy with a low overhead. This system is implemented on the ARM architecture, which is widely used in mobile handsets. Experimental results clarify that the performance overhead is reasonable and anomalous behavior can be detected accurately.

Keywords

computer viruses; mobile computing; software architecture; ARM architecture; anomaly detection system; mobile handsets; software behavior; Banking; Computer architecture; Information security; Mobile handsets; Pattern analysis; Runtime; Software performance; Software systems; Viruses (medical); Web and internet services; anomaly detection system; antivirus; software behavior;

fLanguage

English

Publisher

ieee

Conference_Titel

Emerging Security Information, Systems and Technologies, 2008. SECURWARE '08. Second International Conference on

Conference_Location

Cap Esterel

Print_ISBN

978-0-7695-3329-2

Electronic_ISBN

978-0-7695-3329-2

Type

conf

DOI

10.1109/SECURWARE.2008.16

Filename

4622576