FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W1511252894> ?p ?o ?g. }

• W1511252894 endingPage "300" @default.
• W1511252894 startingPage "285" @default.
• W1511252894 abstract "In this paper we propose an anomaly intrusion detection model based on shuffle operation and product machines targeting persistent interposition attacks on control systems. These at actuallyareundetectable by the most advanced system call monitors as they issue no system calls and are stealthy enough to transfer control to hijacked library functions without letting their saved instruction pointers get stored on stack. We exploit the fact that implementations of control protocols running in control systems, which in turn are attached to physical systems such as power plants and electrical substations, exhibit strong regularities in terms of sequences of function calls and system calls issued during protocol transactions. The main idea behind the proposed approach is to introduce NULL function calls within a Modbus binary and to apply the shuffle operation between them and existing function calls. We then devise and implement a product machine capable of recognizing the shuffle representation of function call and system call regularities. A sensor uses a unidirectional interprocess communication channel based on shared memory to receive profile data from a Modbus process, and subsequently submits them to the product machine. We describe an experimental evaluation of our model on an ARM-based Modbus device and demonstrate that the proposed model overcomes the limitations of state of the art approaches with regard to detection of persistent interposition attacks on control systems." @default.
• W1511252894 created "2016-06-24" @default.
• W1511252894 creator A5022002868 @default.
• W1511252894 creator A5087624601 @default.
• W1511252894 date "2008-07-16" @default.
• W1511252894 modified "2023-09-25" @default.
• W1511252894 title "A Product Machine Model for Anomaly Detection of Interposition Attacks on Cyber-Physical Systems" @default.
• W1511252894 cites W1540999307 @default.
• W1511252894 cites W1573320298 @default.
• W1511252894 cites W2025475662 @default.
• W1511252894 cites W2117790069 @default.
• W1511252894 cites W2137569638 @default.
• W1511252894 cites W2167332015 @default.
• W1511252894 cites W2171791323 @default.
• W1511252894 doi "https://doi.org/10.1007/978-0-387-09699-5_19" @default.
• W1511252894 hasPublicationYear "2008" @default.
• W1511252894 type Work @default.
• W1511252894 sameAs 1511252894 @default.
• W1511252894 citedByCount "6" @default.
• W1511252894 countsByYear W15112528942013 @default.
• W1511252894 countsByYear W15112528942014 @default.
• W1511252894 countsByYear W15112528942018 @default.
• W1511252894 crossrefType "book-chapter" @default.
• W1511252894 hasAuthorship W1511252894A5022002868 @default.
• W1511252894 hasAuthorship W1511252894A5087624601 @default.
• W1511252894 hasBestOaLocation W15112528941 @default.
• W1511252894 hasConcept C111919701 @default.
• W1511252894 hasConcept C120314980 @default.
• W1511252894 hasConcept C12269588 @default.
• W1511252894 hasConcept C14036430 @default.
• W1511252894 hasConcept C149635348 @default.
• W1511252894 hasConcept C165696696 @default.
• W1511252894 hasConcept C167822520 @default.
• W1511252894 hasConcept C199360897 @default.
• W1511252894 hasConcept C2524010 @default.
• W1511252894 hasConcept C2776666747 @default.
• W1511252894 hasConcept C2778579508 @default.
• W1511252894 hasConcept C33923547 @default.
• W1511252894 hasConcept C38652104 @default.
• W1511252894 hasConcept C41008148 @default.
• W1511252894 hasConcept C78458016 @default.
• W1511252894 hasConcept C86803240 @default.
• W1511252894 hasConcept C90673727 @default.
• W1511252894 hasConcept C98045186 @default.
• W1511252894 hasConceptScore W1511252894C111919701 @default.
• W1511252894 hasConceptScore W1511252894C120314980 @default.
• W1511252894 hasConceptScore W1511252894C12269588 @default.
• W1511252894 hasConceptScore W1511252894C14036430 @default.
• W1511252894 hasConceptScore W1511252894C149635348 @default.
• W1511252894 hasConceptScore W1511252894C165696696 @default.
• W1511252894 hasConceptScore W1511252894C167822520 @default.
• W1511252894 hasConceptScore W1511252894C199360897 @default.
• W1511252894 hasConceptScore W1511252894C2524010 @default.
• W1511252894 hasConceptScore W1511252894C2776666747 @default.
• W1511252894 hasConceptScore W1511252894C2778579508 @default.
• W1511252894 hasConceptScore W1511252894C33923547 @default.
• W1511252894 hasConceptScore W1511252894C38652104 @default.
• W1511252894 hasConceptScore W1511252894C41008148 @default.
• W1511252894 hasConceptScore W1511252894C78458016 @default.
• W1511252894 hasConceptScore W1511252894C86803240 @default.
• W1511252894 hasConceptScore W1511252894C90673727 @default.
• W1511252894 hasConceptScore W1511252894C98045186 @default.
• W1511252894 hasLocation W15112528941 @default.
• W1511252894 hasOpenAccess W1511252894 @default.
• W1511252894 hasPrimaryLocation W15112528941 @default.
• W1511252894 hasRelatedWork W1511252894 @default.
• W1511252894 hasRelatedWork W2128417237 @default.
• W1511252894 hasRelatedWork W2171086579 @default.
• W1511252894 hasRelatedWork W2347780978 @default.
• W1511252894 hasRelatedWork W2353721366 @default.
• W1511252894 hasRelatedWork W2358085404 @default.
• W1511252894 hasRelatedWork W2378068990 @default.
• W1511252894 hasRelatedWork W2380130075 @default.
• W1511252894 hasRelatedWork W2386959269 @default.
• W1511252894 hasRelatedWork W2387904164 @default.
• W1511252894 isParatext "false" @default.
• W1511252894 isRetracted "false" @default.
• W1511252894 magId "1511252894" @default.
• W1511252894 workType "book-chapter" @default.