Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing Android-based Devices T+91 KB-IDS - Prototype Knowledge-based Temporal Abstraction Host- based Intrusion Detection System for Android Version.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Securing Android-based Devices T+91 KB-IDS - Prototype Knowledge-based Temporal Abstraction Host- based Intrusion Detection System for Android Version."— Presentation transcript:

1 Securing Android-based Devices T+91 KB-IDS - Prototype Knowledge-based Temporal Abstraction Host- based Intrusion Detection System for Android Version 1.0Team members: Uri Kanonov, Elad Ankry, Eliya Rahamim May 11 th 2009Academic Advisor: Dr. Yuval Elovici Technical Advisor: Asaf Shabtai

2 Global system architecture Securing Android-based Devices T+92 Graphical User Interface Feature Manager Loggers Communication layer Threat Weighting Unit Application Level Operating System Scheduling Memory Keyboard Network Hardware Power SQLite Feature Extractors Configuration Manager KBTA… Processors Alert Handler Agent Service Processor Manager NetProtect Linux Kernel Application Framework

3 KBTA-Processor Implemented  Ontology  Loading  Storage  Handled Elements  Primitives  Events  State  Context  Computation  KBTA-Service (Incremental Abstraction)  Monitoring  Alerts definition  Loading from XML  Storage  Monitoring Abstractions  Communication with the TWU Securing Android-based Devices T+93

4 KBTA-Processor Remaining  Handled Elements  Trend  Pattern  Context destruction  Processor setting screen  Sending of monitored elements to NetProtect Securing Android-based Devices T+94

5 Overview of the KBTA Algorithm Securing Android-based Devices T+95 Knowledge (KBTA Security ontology) Four inference mechanisms: - Temporal Context Forming - Contemporaneous Abstraction - Temporal Interpolation - Temporal Pattern Matching Higher Level Meaningful Temporal Information: - Contexts - Abstractions (Trends, States) - Temporal Patterns Time-Stamped Raw Data: - Primitive Parameters - Events

6 Securing Android-based Devices T+96 Perm_Camera Many_Apps_With_Camera_Permission Camera_Usage Camera Camera_Abuse Demonstration Scenario #1 Amount of non- system applications with the Camera permission Amount of pictures taken in the last 2 minutes Primitive Legen d Context State Alert

7 Securing Android-based Devices T+97 Running _Processes Amount_of_Processes_High Garbage_Collections High_CPU_Usage Garbage_Collections_Level Minor_Page_Faults Minor_Page_Faults_Level Context_Switches_Level Context_Switches CPU_Usage System_Load_level Abnormal System Load Demonstration Scenario #2

Download ppt "Securing Android-based Devices T+91 KB-IDS - Prototype Knowledge-based Temporal Abstraction Host- based Intrusion Detection System for Android Version."

Similar presentations

Operating-System Structures

Operating-System Structures
ANDROID OPERATING SYSTEM Guided By,Presented By, Ajay B.N Somashekar B.T Asst Professor MTech 2 nd Sem (CE)Dept of CS & E.

ANDROID OPERATING SYSTEM Guided By,Presented By, Ajay B.N Somashekar B.T Asst Professor MTech 2 nd Sem (CE)Dept of CS & E.
KB-IDS. Academic Advisor: Dr. Yuval Elovici Technical Advisor: Asaf Shabtai Team Members: Eliya Rahamim Elad Ankry Uri Kanonov.

KB-IDS. Academic Advisor: Dr. Yuval Elovici Technical Advisor: Asaf Shabtai Team Members: Eliya Rahamim Elad Ankry Uri Kanonov.
KB-IDS Application Design Document1 KB-IDS – Application Design Document Knowledge-based Temporal Abstraction Host- based Intrusion Detection System for.

KB-IDS Application Design Document1 KB-IDS – Application Design Document Knowledge-based Temporal Abstraction Host- based Intrusion Detection System for.
Figure 1.1 Interaction between applications and the operating system.

Figure 1.1 Interaction between applications and the operating system.
ACADEMIC ADVISOR DR. YUVAL ELOVICI TECHNICAL ADVISOR ASAF SHABTAI TEAM MAOR GUETTA, ARKADY MISHIEV Distributed - KBTA: A Distributed Framework for efficient.

ACADEMIC ADVISOR DR. YUVAL ELOVICI TECHNICAL ADVISOR ASAF SHABTAI TEAM MAOR GUETTA, ARKADY MISHIEV Distributed - KBTA: A Distributed Framework for efficient.
Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.

Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.
PARALLEL COMPUTATION OF KNOWLEDGE-BASED TEMPORAL ABSTRACTION Academic advisor Dr. Yuval Elovici Technical advisor Asaf Shabtai Team Maor Guetta, Arkady.

PARALLEL COMPUTATION OF KNOWLEDGE-BASED TEMPORAL ABSTRACTION Academic advisor Dr. Yuval Elovici Technical advisor Asaf Shabtai Team Maor Guetta, Arkady.
Application Design. Academic Advisor: Dr. Yuval Elovici Professional Advisor: Yuri Granovsky Team: Yuri Manusov Yevgeny Fishman Boris Umansky.

Application Design. Academic Advisor: Dr. Yuval Elovici Professional Advisor: Yuri Granovsky Team: Yuri Manusov Yevgeny Fishman Boris Umansky.
Company: Deutsche Telekom Academic advisor: Yuval Elovici Technical advisor: Assaf Shabtai Project Team:Limor Segev Eran Frieman Carmel Karni Limor Segev,

Company: Deutsche Telekom Academic advisor: Yuval Elovici Technical advisor: Assaf Shabtai Project Team:Limor Segev Eran Frieman Carmel Karni Limor Segev,
Xuan Guo Chapter 1 What is UNIX? Graham Glass and King Ables, UNIX for Programmers and Users, Third Edition, Pearson Prentice Hall, 2003 Original Notes.

Xuan Guo Chapter 1 What is UNIX? Graham Glass and King Ables, UNIX for Programmers and Users, Third Edition, Pearson Prentice Hall, 2003 Original Notes.
Introduction to the course January 9, 2012. Points to Cover  What is GIS?  GIS and Geographic Information Science  Components of GIS Spatial data.

Introduction to the course January 9, Points to Cover  What is GIS?  GIS and Geographic Information Science  Components of GIS Spatial data.
Android Middleware Bo Pang Bpang@cc.hut.fi.

Android Middleware Bo Pang
Ch4: Distributed Systems Architectures. Typically, system with several interconnected computers that do not share clock or memory. Motivation: tie together.

Ch4: Distributed Systems Architectures. Typically, system with several interconnected computers that do not share clock or memory. Motivation: tie together.
Computer Organization Review and OS Introduction CS550 Operating Systems.

Computer Organization Review and OS Introduction CS550 Operating Systems.
Aefa Personal Exercise Assistant. Introduction Team members: Justin Bumpus-Barnett Dmitri Musatkin Cilranus Thompson Sean Cline Course Instructor: Dr.

Aefa Personal Exercise Assistant. Introduction Team members: Justin Bumpus-Barnett Dmitri Musatkin Cilranus Thompson Sean Cline Course Instructor: Dr.
Hands-On Microsoft Windows Server 2008

Hands-On Microsoft Windows Server 2008
Jakub Szefer, Eric Keller, Ruby B. Lee Jennifer Rexford Princeton University CCS October, 2011 報告人:張逸文.

Jakub Szefer, Eric Keller, Ruby B. Lee Jennifer Rexford Princeton University CCS October, 2011 報告人:張逸文.
Android Programming By Mohsen Biglari Android Programming, Part1: Introduction 1 Part1: Introduction By Mohsen Biglari.

Android Programming By Mohsen Biglari Android Programming, Part1: Introduction 1 Part1: Introduction By Mohsen Biglari.
A Unified, Low-overhead Framework to Support Continuous Profiling and Optimization Xubin (Ben) He Storage Technology & Architecture Research(STAR)

A Unified, Low-overhead Framework to Support Continuous Profiling and Optimization Xubin (Ben) He Storage Technology & Architecture Research(STAR)

Similar presentations

Ads by Google