中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/82867
English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 80990/80990 (100%)
造訪人次 : 41710879      線上人數 : 1461
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/82867


    題名: SMACK-based application whitelisting on AGL;SMACK-based application whitelisting on AGL
    作者: 劉哲豪;Liu, Che-Hao
    貢獻者: 資訊工程學系
    關鍵詞: 白名單;資訊安全;whitelisting;security
    日期: 2020-01-14
    上傳時間: 2020-06-05 17:38:24 (UTC+8)
    出版者: 國立中央大學
    摘要: 隨著科技的日新月異,車用電腦也發展得越來越完全。而近幾年自駕車、車用資訊娛樂系統也變得越來越成熟,許多產品也實際的被應用在真實世界裡。也因此車用資訊娛樂系統的安全性便受到了重視。而Automotive Grade Linux (AGL)是Linux Foundation的開源專案項目之一,此一開源專案主要目的在於提供一個可供各大車廠使用的車用資訊娛樂系統。由於AGL可以直接存取車上的ECU,因此若是遭到惡意攻擊者的攻擊,則攻擊者便可能得到整台車的控制權,進而影響駕駛人的生命安全。
    本篇論文將透過Linux security module — SMACK 搭配Access Control List (ACL),對AGL上的程式進行權限控管,進而實做出應用程式白名單機制,此機制能夠在不更動原有AGL的系統架構及不影響AGL原有系統程式的執行狀況下,有效地加強AGL的安全防護。
    為了證明此機制的可行性,我們實際應用在AGL的系統上,並透過遠端攻擊的方式測試是否能夠攻擊成功。實驗結果顯示這樣的機制確實能夠有效的防止惡意攻擊者的遠端攻擊。
    ;In recent years, self-driving and in-vehicle systems have become more and more mature, and many products have actually been applied in the real world. Therefore, the security of the in-vehicle system has received attention. Automotive Grade Linux (AGL) is one of the Linux Foundation′s open source project. The main purpose of this open source project is to provide a car infotainment system that can be used by major car manufacturers. Since AGL can directly access the Electronic Control Unit (ECU), if it is attacked by a malicious attacker, the attacker may gain control of the entire car, thereby affecting the life of the driver.
    This paper will use Linux security module – SMACK and Access Control List (ACL) to control the access permission of program on AGL, and then implement the application whitelist mechanism. This mechanism could enhance the security on AGL, and it would not change the original AGL system architecture.
    In order to prove the feasibility of this mechanism, we apply it to the real AGL system and test whether it can be successfully attacked by remote attacker. Experimental results show that such a mechanism can effectively prevent remote attacks by malicious attackers.
    顯示於類別:[資訊工程研究所] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML178檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明