中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/82867
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 41689310      Online Users : 1353
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/82867


    Title: SMACK-based application whitelisting on AGL;SMACK-based application whitelisting on AGL
    Authors: 劉哲豪;Liu, Che-Hao
    Contributors: 資訊工程學系
    Keywords: 白名單;資訊安全;whitelisting;security
    Date: 2020-01-14
    Issue Date: 2020-06-05 17:38:24 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 隨著科技的日新月異,車用電腦也發展得越來越完全。而近幾年自駕車、車用資訊娛樂系統也變得越來越成熟,許多產品也實際的被應用在真實世界裡。也因此車用資訊娛樂系統的安全性便受到了重視。而Automotive Grade Linux (AGL)是Linux Foundation的開源專案項目之一,此一開源專案主要目的在於提供一個可供各大車廠使用的車用資訊娛樂系統。由於AGL可以直接存取車上的ECU,因此若是遭到惡意攻擊者的攻擊,則攻擊者便可能得到整台車的控制權,進而影響駕駛人的生命安全。
    本篇論文將透過Linux security module — SMACK 搭配Access Control List (ACL),對AGL上的程式進行權限控管,進而實做出應用程式白名單機制,此機制能夠在不更動原有AGL的系統架構及不影響AGL原有系統程式的執行狀況下,有效地加強AGL的安全防護。
    為了證明此機制的可行性,我們實際應用在AGL的系統上,並透過遠端攻擊的方式測試是否能夠攻擊成功。實驗結果顯示這樣的機制確實能夠有效的防止惡意攻擊者的遠端攻擊。
    ;In recent years, self-driving and in-vehicle systems have become more and more mature, and many products have actually been applied in the real world. Therefore, the security of the in-vehicle system has received attention. Automotive Grade Linux (AGL) is one of the Linux Foundation′s open source project. The main purpose of this open source project is to provide a car infotainment system that can be used by major car manufacturers. Since AGL can directly access the Electronic Control Unit (ECU), if it is attacked by a malicious attacker, the attacker may gain control of the entire car, thereby affecting the life of the driver.
    This paper will use Linux security module – SMACK and Access Control List (ACL) to control the access permission of program on AGL, and then implement the application whitelist mechanism. This mechanism could enhance the security on AGL, and it would not change the original AGL system architecture.
    In order to prove the feasibility of this mechanism, we apply it to the real AGL system and test whether it can be successfully attacked by remote attacker. Experimental results show that such a mechanism can effectively prevent remote attacks by malicious attackers.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML178View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明