## Application-aware intrusion detection

• Modern and flexible application-level software platforms increase the attack surface of connected vehicles and thereby require automotive engineers to adopt additional security control techniques. These techniques encompass host-based intrusion detection systems (HIDSs) that detect suspicious activities in application contexts. Such applicationaware HIDSs are originally known from information and communications technology systems and have a great potential to deal with the flexible nature of application-level software platforms. However, the elementary characteristics of known application-aware HIDS approaches and thereby the implications for their transfer to the automotive sector are unclear. The main contribution of this publication is a systematic literature review covering the state of the art of application-aware HIDS approaches. We synthesize our findings by means of a fine-grained classification of each approach, which represents the approaches’ elementary characteristics. Furthermore, we summarize key findings and infer implications for the transfer of application-aware HIDSs to the automotive sector.

Author: David SchubertGND, Hendrik EikerlingGND, Jörg HoltmannGND urn:nbn:de:hbz:294-66540 https://doi.org/10.13154/294-6654 17$$^{th}$$ escar Europe : embedded security in cars (Konferenzveröffentlichung) a systematic literature review and implications for automotive systems Part of a Book English 2019/10/29 2019/10/29 Ruhr-Universität Bochum, Universitätsbibliothek Intrusion detection; Security engineering; Survey. 29 43 Allgemeines, Informatik, Informationswissenschaft / Informatik open_access 17th escar Europe : embedded security in cars Keine Creative Commons Lizenz - es gelten die Rechteeinräumung und das deutsche Urheberrecht