With the development and application of Industry 4.0, factories have widely deployed IoT devices. However, security protection across IoT devices and computer information systems still focuses mostly on the computer information systems, and current security protection for IoT devices is comparatively lacking. Preventing IoT devices from becoming the entry point through which attackers reach a factory's internal network, and preventing them from being used to attack other information equipment, are therefore security measures that IoT devices should have.

Allowlisting is an approach that is widely used to protect IoT devices from the execution of malware. Because IoT devices need to adjust their work, a requirement also emerges that an allowlist can be adjusted dynamically. This requirement in turn raises the security issue of how to protect an allowlist and modify it securely. After all, without appropriate protection, the allowlist of a compromised IoT device can be modified by malware executing on that device. The malware may even have root privilege. We propose a kernel-based mechanism to protect the allowlist of an IoT device. Our approach allows the allowlist of an IoT device to be updated dynamically. Meanwhile, it prevents malware from changing the allowlist, no matter what privilege a piece of malware has. Experimental results show that our system can effectively protect the allowlist of an IoT device with low performance overhead.