摘要(英) |
Allowlist is an approach that is widely used to protect IoT devices from the execution of malware. Along with the need for IoT devices to adjust their work, the requirement that a allowlist can be adjusted dynamically also emerges. Hence, this requirement also brings security issues about how to protect a allowlist and make a modification securely. After all, without appropriate protection, the allowlist of a compromised IoT devices can be modified by malware executing in the IoT device. The malware may even have root privilege. We propose a kernel based mechanism to protect the allowlist of an IoT device. Our approach allows the allowlist of an IoT device to be updated dynamically. Meanwhile, it disallows malware to change the allowlist, no matter what privilege a piece of malware has. Experimental results show that our system can effectively protect the allowlist of an IoT devices with low performance overhead. |
參考文獻 |
[1] Gary Mullen, Liam Meany, "Assessment of Buffer Overflow Based Attacks," 22 July 2019.
[2] W. H. Mardiana bintiMohamad Noor, "Current research on Internet of Things (IoT) security: A survey," 27 Nov. 2018.
[3] "Linux Security Module Usage," [Online]. Available: https://www.kernel.org/doc/html/v4.16/admin-guide/LSM/index.html. [Accessed 19 Apr. 2022].
[4] Fan Dang, Zhenhua Li, Yunhao Liu, Ennan Zhai, Qi Alfred Chen, Tianyin Xu, Yan Chen, Jingyu Yang, "Understanding Fileless Attacks on Linux-based IoT Devices with HoneyCloud," 12 Jun. 2019.
[5] S. R. Department, "statista," Statista, 27 Nov. 2016. [Online]. Available: https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide/.
[6] Y. W. Preetha Thulasiraman, "A Lightweight Trust-Based Security Architecture for RPL in Mobile IoT Networks," 28 Feb. 2019.
[7] Diego M. Mendez Mena, Baijian Yang, "Blockchain-Based Whitelisting for Consumer IoT Devices and Home Networks," 14 Sep 2018. |