Obfuscated memory malware detection in resource-constrained iot devices for smart city applications
- Shafin, Sakib, Karmakar, Gour, Mareels, Iven
- Authors: Shafin, Sakib , Karmakar, Gour , Mareels, Iven
- Date: 2023
- Type: Text , Journal article
- Relation: Sensors Vol. 23, no. 11 (2023), p. 5348
- Full Text:
- Reviewed:
- Description: Obfuscated Memory Malware (OMM) presents significant threats to interconnected systems, including smart city applications, for its ability to evade detection through concealment tactics. Existing OMM detection methods primarily focus on binary detection. Their multiclass versions consider a few families only and, thereby, fail to detect much existing and emerging malware. Moreover, their large memory size makes them unsuitable to be executed in resource-constrained embedded/IoT devices. To address this problem, in this paper, we propose a multiclass but lightweight malware detection method capable of identifying recent malware and is suitable to execute in embedded devices. For this, the method considers a hybrid model by combining the feature-learning capabilities of convolutional neural networks with the temporal modeling advantage of bidirectional long short-term memory. The proposed architecture exhibits compact size and fast processing speed, making it suitable for deployment in IoT devices that constitute the major components of smart city systems. Extensive experiments with the recent CIC-Malmem-2022 OMM dataset demonstrate that our method outperforms other machine learning-based models proposed in the literature in both detecting OMM and identifying specific attack types. Our proposed method thus offers a robust yet compact model executable in IoT devices for defending against obfuscated malware.
- Authors: Shafin, Sakib , Karmakar, Gour , Mareels, Iven
- Date: 2023
- Type: Text , Journal article
- Relation: Sensors Vol. 23, no. 11 (2023), p. 5348
- Full Text:
- Reviewed:
- Description: Obfuscated Memory Malware (OMM) presents significant threats to interconnected systems, including smart city applications, for its ability to evade detection through concealment tactics. Existing OMM detection methods primarily focus on binary detection. Their multiclass versions consider a few families only and, thereby, fail to detect much existing and emerging malware. Moreover, their large memory size makes them unsuitable to be executed in resource-constrained embedded/IoT devices. To address this problem, in this paper, we propose a multiclass but lightweight malware detection method capable of identifying recent malware and is suitable to execute in embedded devices. For this, the method considers a hybrid model by combining the feature-learning capabilities of convolutional neural networks with the temporal modeling advantage of bidirectional long short-term memory. The proposed architecture exhibits compact size and fast processing speed, making it suitable for deployment in IoT devices that constitute the major components of smart city systems. Extensive experiments with the recent CIC-Malmem-2022 OMM dataset demonstrate that our method outperforms other machine learning-based models proposed in the literature in both detecting OMM and identifying specific attack types. Our proposed method thus offers a robust yet compact model executable in IoT devices for defending against obfuscated malware.
An evidence theoretic approach for traffic signal intrusion detection
- Chowdhury, Abdullahi, Karmakar, Gour, Kamruzzaman, Joarder, Das, Rajkumar, Newaz, Shah
- Authors: Chowdhury, Abdullahi , Karmakar, Gour , Kamruzzaman, Joarder , Das, Rajkumar , Newaz, Shah
- Date: 2023
- Type: Text , Journal article
- Relation: Sensors Vol. 23, no. 10 (2023), p. 4646
- Full Text:
- Reviewed:
- Description: The increasing attacks on traffic signals worldwide indicate the importance of intrusion detection. The existing traffic signal Intrusion Detection Systems (IDSs) that rely on inputs from connected vehicles and image analysis techniques can only detect intrusions created by spoofed vehicles. However, these approaches fail to detect intrusion from attacks on in-road sensors, traffic controllers, and signals. In this paper, we proposed an IDS based on detecting anomalies associated with flow rate, phase time, and vehicle speed, which is a significant extension of our previous work using additional traffic parameters and statistical tools. We theoretically modelled our system using the Dempster-Shafer decision theory, considering the instantaneous observations of traffic parameters and their relevant historical normal traffic data. We also used Shannon's entropy to determine the uncertainty associated with the observations. To validate our work, we developed a simulation model based on the traffic simulator called SUMO using many real scenarios and the data recorded by the Victorian Transportation Authority, Australia. The scenarios for abnormal traffic conditions were generated considering attacks such as jamming, Sybil, and false data injection attacks. The results show that the overall detection accuracy of our proposed system is 79.3% with fewer false alarms.
- Authors: Chowdhury, Abdullahi , Karmakar, Gour , Kamruzzaman, Joarder , Das, Rajkumar , Newaz, Shah
- Date: 2023
- Type: Text , Journal article
- Relation: Sensors Vol. 23, no. 10 (2023), p. 4646
- Full Text:
- Reviewed:
- Description: The increasing attacks on traffic signals worldwide indicate the importance of intrusion detection. The existing traffic signal Intrusion Detection Systems (IDSs) that rely on inputs from connected vehicles and image analysis techniques can only detect intrusions created by spoofed vehicles. However, these approaches fail to detect intrusion from attacks on in-road sensors, traffic controllers, and signals. In this paper, we proposed an IDS based on detecting anomalies associated with flow rate, phase time, and vehicle speed, which is a significant extension of our previous work using additional traffic parameters and statistical tools. We theoretically modelled our system using the Dempster-Shafer decision theory, considering the instantaneous observations of traffic parameters and their relevant historical normal traffic data. We also used Shannon's entropy to determine the uncertainty associated with the observations. To validate our work, we developed a simulation model based on the traffic simulator called SUMO using many real scenarios and the data recorded by the Victorian Transportation Authority, Australia. The scenarios for abnormal traffic conditions were generated considering attacks such as jamming, Sybil, and false data injection attacks. The results show that the overall detection accuracy of our proposed system is 79.3% with fewer false alarms.
IoT-based emergency vehicle services in intelligent transportation system
- Chowdhury, Abdullahi, Kaisar, Shahriar, Khoda, Mahbub, Naha, Ranesh, Khoshkholghi, Mohammad, Aiash, Mahdi
- Authors: Chowdhury, Abdullahi , Kaisar, Shahriar , Khoda, Mahbub , Naha, Ranesh , Khoshkholghi, Mohammad , Aiash, Mahdi
- Date: 2023
- Type: Text , Journal article
- Relation: Sensors Vol. 23, no. 11 (2023), p. 5324
- Full Text:
- Reviewed:
- Description: Emergency Management System (EMS) is an important component of Intelligent transportation systems, and its primary objective is to send Emergency Vehicles (EVs) to the location of a reported incident. However, the increasing traffic in urban areas, especially during peak hours, results in the delayed arrival of EVs in many cases, which ultimately leads to higher fatality rates, increased property damage, and higher road congestion. Existing literature addressed this issue by giving higher priority to EVs while traveling to an incident place by changing traffic signals (e.g., making the signals green) on their travel path. A few works have also attempted to find the best route for an EV using traffic information (e.g., number of vehicles, flow rate, and clearance time) at the beginning of the journey. However, these works did not consider congestion or disruption faced by other non-emergency vehicles adjacent to the EV travel path. The selected travel paths are also static and do not consider changing traffic parameters while EVs are en route. To address these issues, this article proposes an Unmanned Aerial Vehicle (UAV) guided priority-based incident management system to assist EVs in obtaining a better clearance time in intersections and thus achieve a lower response time. The proposed model also considers disruption faced by other surrounding non-emergency vehicles adjacent to the EVs' travel path and selects an optimal solution by controlling the traffic signal phase time to ensure that EVs can reach the incident place on time while causing minimal disruption to other on-road vehicles. Simulation results indicate that the proposed model achieves an 8% lower response time for EVs while the clearance time surrounding the incident place is improved by 12%.
- Authors: Chowdhury, Abdullahi , Kaisar, Shahriar , Khoda, Mahbub , Naha, Ranesh , Khoshkholghi, Mohammad , Aiash, Mahdi
- Date: 2023
- Type: Text , Journal article
- Relation: Sensors Vol. 23, no. 11 (2023), p. 5324
- Full Text:
- Reviewed:
- Description: Emergency Management System (EMS) is an important component of Intelligent transportation systems, and its primary objective is to send Emergency Vehicles (EVs) to the location of a reported incident. However, the increasing traffic in urban areas, especially during peak hours, results in the delayed arrival of EVs in many cases, which ultimately leads to higher fatality rates, increased property damage, and higher road congestion. Existing literature addressed this issue by giving higher priority to EVs while traveling to an incident place by changing traffic signals (e.g., making the signals green) on their travel path. A few works have also attempted to find the best route for an EV using traffic information (e.g., number of vehicles, flow rate, and clearance time) at the beginning of the journey. However, these works did not consider congestion or disruption faced by other non-emergency vehicles adjacent to the EV travel path. The selected travel paths are also static and do not consider changing traffic parameters while EVs are en route. To address these issues, this article proposes an Unmanned Aerial Vehicle (UAV) guided priority-based incident management system to assist EVs in obtaining a better clearance time in intersections and thus achieve a lower response time. The proposed model also considers disruption faced by other surrounding non-emergency vehicles adjacent to the EVs' travel path and selects an optimal solution by controlling the traffic signal phase time to ensure that EVs can reach the incident place on time while causing minimal disruption to other on-road vehicles. Simulation results indicate that the proposed model achieves an 8% lower response time for EVs while the clearance time surrounding the incident place is improved by 12%.
- «
- ‹
- 1
- ›
- »