short-paper

Open access

L-IDS: A lightweight hardware-assisted IDS for IoT systems to detect ransomware attacks

Authors:

Farhad Mofidi,

Sena Hounsinou,

Gedare BloomAuthors Info & Claims

IoTDI '23: Proceedings of the 8th ACM/IEEE Conference on Internet of Things Design and Implementation

Pages 464 - 465

https://doi.org/10.1145/3576842.3589170

Published: 09 May 2023 Publication History

All formats PDF

Abstract

In recent years, ransomware has evolved to target Internet of things (IoT) devices, such as medical equipment and thermostats. Traditional ransomware detection methods may not be effective for resource-constrained IoT devices as IoT-based ransomware is geared towards impairing functionality rather than accessing data. Therefore, this article proposes L-IDS, a lightweight hardware-assisted intrusion detection system that combines hardware-assisted security, such as Trusted Execution Environment, with machine learning algorithms to detect and mitigate ransomware inside an IoT system with fewer resources. The proposed approach can more effectively protect IoT systems from ransomware attacks and requires less resources than traditional security scanning methods.

References

[1]

[1] IBM Security X-Force. (2021). 2021 X-Force Threat Intelligence Index. Retrieved from https://www.ibm.com/security/data-breach/threat-intelligence.

Google Scholar

[2]

[2] Ibrar Yaqoob, Ejaz Ahmed, Muhammad Habib ur Rehman, Abdelmuttlib Ibrahim Abdalla Ahmed, Mohammed Ali Al-garadi, Muhammad Imran, Mohsen Guizani, The rise of ransomware and emerging security challenges in the Internet of Things, Computer Networks, Volume 129, Part 2, 2017, Pages 444-458, ISSN 1389-1286.

Digital Library

Google Scholar

[3]

[3] Lemmou, Y., Lanet, J.-L. and Souidi, E.M. (2021), A behavioural in-depth analysis of ransomware infection. IET Inf. Secur, 15: 38-58.

Digital Library

Google Scholar

[4]

[4] Y. -L. Wan, J. -C. Chang, R. -J. Chen and S. -J. Wang, "Feature-Selection-Based Ransomware Detection with Machine Learning of Data Analysis," 2018 3rd International Conference on Computer and Communication Systems (ICCCS), Nagoya, Japan, 2018, pp. 85-88.

Crossref

Google Scholar

[5]

[5] Fengwei Zhang and Hongwei Zhang. 2016. SoK: A Study of Using Hardware-assisted Isolated Execution Environments for Security. In Proceedings of the Hardware and Architectural Support for Security and Privacy 2016 (HASP 2016). Association for Computing Machinery, New York, NY, USA, Article 3, 1–8.

Digital Library

Google Scholar

[6]

[6] Kiran Maharana, Surajit Mondal, Bhushankumar Nemade, A review: Data pre-processing and data augmentation techniques, Global Transitions Proceedings, Volume 3, Issue 1, 2022, Pages 91-99, ISSN 2666-285X.

Crossref

Google Scholar

[7]

[7] Lee, J.; Lee, K. A Method for Neutralizing Entropy Measurement-Based Ransomware Detection Technologies Using Encoding Algorithms. Entropy 2022, 24, 239.

Crossref

Google Scholar

Index Terms

L-IDS: A lightweight hardware-assisted IDS for IoT systems to detect ransomware attacks
1. Security and privacy
  1. Intrusion/anomaly detection and malware mitigation
    1. Intrusion detection systems
    2. Malware and its mitigation
  2. Security in hardware
    1. Embedded systems security
    2. Hardware security implementation
      1. Hardware-based security protocols

Recommendations

ML-IDS: an efficient ML-enabled intrusion detection system for securing IoT networks and applications
Abstract
The Internet of Things (IoT) and machine learning (ML) have various applications in different sectors of life, such as healthcare, agriculture, industries, transportation, smart cities, smart homes, etc., and their number is increasing with each ...
A smart IDS and response system for the internet malicious worm

In this paper, we proposed a behaviour-based intrusion detection and response system for the internet worm. The LAWS (Lambent Anti-Worm System) can detect the intruded services and influenced range automatically. Besides, it also can analyse the key ...
Unknown Attacks Detection Using Feature Extraction from Anomaly-Based IDS Alerts
SAINT '12: Proceedings of the 2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet

Intrusion Detection Systems (IDSs) play an important role detecting various kinds of attacks and defend our computer systems from them. There are basically two main types of detection techniques: signature-based and anomaly-based. A signature-based IDS ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

IoTDI '23: Proceedings of the 8th ACM/IEEE Conference on Internet of Things Design and Implementation

May 2023

514 pages

ISBN:9798400700378

DOI:10.1145/3576842

This work is licensed under a Creative Commons Attribution International 4.0 License.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 May 2023

Check for updates

Author Tags

Qualifiers

Short-paper
Research
Refereed limited

Conference

IoTDI '23

Sponsor:

SIGBED

IoTDI '23: International Conference on Internet-of-Things Design and Implementation

May 9 - 12, 2023

TX, San Antonio, USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

0
Total Citations
339
Total Downloads

Downloads (Last 12 months)227
Downloads (Last 6 weeks)34

Reflects downloads up to 21 Nov 2024

Other Metrics

View Author Metrics

Citations

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format.

HTML Format

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Index Terms

Recommendations

ML-IDS: an efficient ML-enabled intrusion detection system for securing IoT networks and applications

A smart IDS and response system for the internet malicious worm

Unknown Attacks Detection Using Feature Extraction from Anomaly-Based IDS Alerts