Online anomaly detection for reconfigurable self-X real-time operating systems : a danger theory-inspired approach / Diplom-Informatikerin Katharina Stahl. Paderborn, 2016
Contents
- Acknowledgements
- Abstract
- Zusammenfassung
- I Introduction
- II Foundations
- 2 Anomaly Detection
- 2.1 Definition
- 2.2 Properties and Features
- 2.3 Architectural Model
- 2.4 Data Classification
- 2.5 Anomaly Detection Techniques
- 2.6 Application Domains
- 2.7 Summary
- 3 Artificial Immune Systems
- 3.1 The Human Immune System
- 3.2 Artificial Immune Systems
- 3.3 Self/Nonself Discrimination
- 3.4 Danger Theory
- 3.5 Evaluation of Artificial Immune Systems
- 3.6 Summary
- 4 Related Work
- 4.1 System Call-based Anomaly Detection
- 4.2 AIS-inspired Anomaly Detection
- 4.3 Danger Theory-based Anomaly Detection
- 4.4 Discussion and Summary
- 5 Online Pattern Matching
- 6 ORCOS - Organic Reconfigurable Operating System
- III Online Anomaly Detection
- IV Implementation and Evaluation
- 8 ORCOS Online Anomaly Detection Framework
- 8.1 Online Reconfigurability
- 8.2 Basic Self-X Architecture
- 8.3 Architecture for Anomaly Detection
- 8.4 System Call Monitor
- 8.5 Behavior Knowledge Base
- 8.6 Operating System Health Monitor
- 8.7 Classification
- 8.8 Runtime Process of Anomaly Detection
- 8.9 Summary
- 9 Evaluation of Costs
- V Case Study
- 10 Evaluation Methodologies
- 10.1 Problems and Challenges
- 10.2 Requirements
- 10.3 Applicability of Virtual Reality and Virtual Environments
- 10.4 Summary
- 11 Evaluation Case Environment
- 11.1 Evaluation Environment
- 11.2 The BeBot
- 11.3 Interaction and Control
- 11.4 Evaluation Output
- 11.5 Evaluation Scenarios
- 11.6 Summary
- 12 Evaluation Results and Discussion
- VI Conclusion
- 13 Summary and Conclusion
- Appendices
- A ORCOS System Calls
- A.1 Stream/File related system calls
- A.2 Memory related system calls
- A.3 Task related system calls
- A.4 Thread related system calls
- A.5 Signal related system calls
- A.6 Socket related system calls
- A.7 System calls for Task loading
- A.8 Others
- A.9 Specific system calls under QEMU
- A.10 System calls for BeBot control
- A.11 Additional System Calls for Bug Manipulator/Generator
- B System Call Monitor API
- C OS Health Monitor - Parameter
- C.1 Scheduler Monitor
- C.2 Processor Utilization Monitor
- C.3 Memory Manager Monitor
- C.4 Communication Monitor
- C.5 File Manager Monitor
- C.6 Device Driver Monitor
- C.7 IR Sensor Monitor
- D Device Driver Monitor Interface
- E OS Health Monitor API
- F Proposals for future research
- F.1 Potentials to enhance the evaluation of the classification marker
- F.2 Alternatives for Processing the Anomaly Detection
- List of Figures
- My Publications
- Bibliography
