RUB » Bibliotheksportal

David Schubert, Hendrik Eikerling, Jörg Holtmann

• Modern and flexible application-level software platforms increase the attack surface of connected vehicles and thereby require automotive engineers to adopt additional security control techniques. These techniques encompass host-based intrusion detection systems (HIDSs) that detect suspicious activities in application contexts. Such applicationaware HIDSs are originally known from information and communications technology systems and have a great potential to deal with the flexible nature of application-level software platforms. However, the elementary characteristics of known application-aware HIDS approaches and thereby the implications for their transfer to the automotive sector are unclear. The main contribution of this publication is a systematic literature review covering the state of the art of application-aware HIDS approaches. We synthesize our findings by means of a fine-grained classification of each approach, which represents the approaches’ elementary characteristics. Furthermore, we summarize key findings and infer implications for the transfer of application-aware HIDSs to the automotive sector.