Towards an intrusion detection system for battery exhaustion attacks on mobile computing devices

Mobile computers are subject to a unique form of denial of service attack known as a battery exhaustion attack, in which an attacker attempts to rapidly drain the battery of the device. In this paper we present our first steps in the design of an intrusion detection system for these attacks, a system that takes into account the performance, energy, and memory constraints of mobile computing devices. This intrusion detection system uses several parameters, such as CPU load and disk accesses, to estimate the power consumption using a linear regression model, allowing us to find the energy used on a per process basis, and thus identifying processes that are potentially battery exhaustion attacks.

[1]  Mahadev Satyanarayanan,et al.  Pervasive computing: vision and challenges , 2001, IEEE Wirel. Commun..

[2]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[3]  Stephanie Forrest,et al.  Infect Recognize Destroy , 1996 .

[4]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[5]  Michael S. Hsiao,et al.  Denial-of-service attacks on battery-powered mobile computers , 2004, Second IEEE Annual Conference on Pervasive Computing and Communications, 2004. Proceedings of the.

[6]  Stephanie Forrest,et al.  Automated response using system-call delays , 2000 .

[7]  Salvatore J. Stolfo,et al.  Data Mining Approaches for Intrusion Detection , 1998, USENIX Security Symposium.