Application-Aware Intrusion Detection: A Systematic Literature Review, Implications for Automotive Systems, and Applicability of AutoML

Modern and flexible application-level software platforms increase the attack surface of connected vehicles and thereby require automotive engineers to adopt additional security control techniques. These techniques encompass host-based intrusion detection systems (HIDSs) that detect suspicious activi...


Bibliographic Details
Main Authors: David Schubert, Hendrik Eikerling, Jörg Holtmann
Format: Article
Language: English
Published: Frontiers Media S.A. 2021-08-01
Series: Frontiers in Computer Science
Subjects:
Online Access: https://www.frontiersin.org/articles/10.3389/fcomp.2021.567873/full
id doaj-df6f65af3b9c4df19d9e1a7040511fc1
record_format Article
spelling doaj-df6f65af3b9c4df19d9e1a7040511fc1; 2021-08-24T12:28:47Z; eng; Frontiers Media S.A.; Frontiers in Computer Science; 2624-9898; 2021-08-01; 3; 10.3389/fcomp.2021.567873; 567873
David Schubert (0), Hendrik Eikerling (1), Jörg Holtmann (2)
0: Software Engineering and IT Security, Fraunhofer IEM, Paderborn, Germany
1: Software Engineering and IT Security, Fraunhofer IEM, Paderborn, Germany
2: Software Engineering Division, Department of Computer Science and Engineering, Chalmers University of Technology, Gothenburg, Sweden
collection DOAJ
sources DOAJ
issn 2624-9898
description Modern and flexible application-level software platforms increase the attack surface of connected vehicles and thereby require automotive engineers to adopt additional security control techniques. These techniques encompass host-based intrusion detection systems (HIDSs) that detect suspicious activities in application contexts. Such application-aware HIDSs originate in information and communications technology systems and have a great potential to deal with the flexible nature of application-level software platforms. However, the elementary characteristics of known application-aware HIDS approaches and thereby the implications for their transfer to the automotive sector are unclear. In previous work, we presented a systematic literature review (SLR) covering the state of the art of application-aware HIDS approaches. We synthesized our findings by means of a fine-grained classification for each approach specified through a feature model and corresponding variant models. These models represent the approaches’ elementary characteristics. Furthermore, we summarized key findings and inferred implications for the transfer of application-aware HIDSs to the automotive sector. In this article, we extend the previous work by several aspects. We adjust the quality evaluation process within the SLR to be able to consider high quality conference publications, which results in an extended final pool of publications. For supporting HIDS developers on the task of configuring HIDS analysis techniques based on machine learning, we report on initial results on the applicability of AutoML. Furthermore, we present lessons learned regarding the application of the feature and variant model approach for SLRs. Finally, we more thoroughly describe the SLR study design.
topic intrusion detection
security engineering
survey
AutoML
automotive