Presentation is loading. Please wait.

Presentation is loading. Please wait.

Research on Immunizing Embedded Linux Core Against Viruses and Software Faults Tao Gong1, 2, 3, Changxing Du1 1 College of Information S. & T., Donghua.

Published byStephen Caldwell Modified over 6 years ago

Similar presentations

Presentation on theme: "Research on Immunizing Embedded Linux Core Against Viruses and Software Faults Tao Gong1, 2, 3, Changxing Du1 1 College of Information S. & T., Donghua."— Presentation transcript:

1 Research on Immunizing Embedded Linux Core Against Viruses and Software Faults
Tao Gong1, 2, 3, Changxing Du1 1 College of Information S. & T., Donghua University, Shanghai , China 2 Engineering Research Center of Digitized Textile & Fashion Technology, Ministry of Education, Donghua University, Shanghai , China 3 Department of Computer Science, Purdue University, West Lafayette 47907, USA Abstract. Linux is more secure than other operation systems such as Windows, but the embedded Linux core need be more secure by its immunization against viruses and software faults. First, the embedded Linux is customized from the standard Linux by keeping the Linux core and deleting the unnecessary components. Immunization of the Linux core is designed into the process control, memory management, communication, driving programs, and file system. The artificial immune system of the embedded Linux core is built on the tri-tier immune model, and both viruses and software faults are detected as nonselfs. The selfs are the normal components and the nonselfs are foreign viruses, infected selfs, lost selfs and damaged selfs. This immunization technique will be tested on a prototype of embedded Linux core, by protecting the file system and repairing the damaged files. Keywords: Embedded system; Linux core; immunization; virus; software fault. 1 Introduction Unknown viruses are difficult to detect and learn in some security applications [1], and the operation systems such as Windows and Linux have vulnerability to the viruses and attacks. To repair the vulnerability, users need update the operation systems online to set up some new security patches. This updating often provides a new chance for the viruses and attacks to spread the damage through the network. So threat modeling is used to expose some circumstances or events having the potential to cause harm to a system in the form of destruction, disclosure, modification of data, and/or denial of service, and results in a vulnerability assessment. Similar to the threat model, the immune danger theory was proposed by Matzinger [2], and in this danger theory immune response distinguishes the danger signals that are generated by damaged cells. In the embedded Linux core, the threats are the damaged selfs and the foreign non-selfs such as the blackhole attacks and the virus-based wormhole attacks [3], so the threats are the non-selfs in nature. First, the blackhole attacks can transmit malicious broadcast information from a node that the node has the shortest path to the destination aiming to intercept messages. And the wormhole attacks can record 206

2 2 Immunizing embedded Linux core
packets at one location in the network, tunnel them to other locations, and retransmit them there into the network via viruses. In fact, the human immune system has another different and advanced security approach to protect the body [4], and this immunization approach emphasize more on selfs (i.e. normal components such as normal cells, immune cells, and antibodies) than the nonselfs such as viruses and cancer cells. Inspired from this natural powerful security system, a new idea of immunizing the embedded Linux core is proposed to build the normal models of selfs and defend this core against the viruses and software faults, in this paper. 2 Immunizing embedded Linux core Standard Linux is a complex operation system, which has too many components to be set up in embedded systems. So this standard Linux needs trimming to be customized in the embedded systems, and the Linux core should be revised and compiled. The embedded Linux core has some necessary files and directories. The immunization of the embedded Linux core is made in process control, memory management, communication, drivers and file system. The embedded Linux core utilizes various data structures to organize the system processes in different ways, according to various requirements of the process control sub-system. Each process has its unique identification number (PID), and the immunity of the process control protects the core data structures, which the processes use. Memory is one of the most important resources in control of the Linux core, and the memory management sub-system is the most important and difficult part of operation system. The root file system is a necessary file system for running the Linux operation system. Driver design is an important step to develop embedded systems, and the drivers provide the interfaces for the applications to control the hardware. The normal embedded systems are based on the normal states of the drivers. The immunity of the driver is used to monitor the normal state of the driver and assure the proper output of the diver. The embedded systems often communicate with other embedded systems or foreign networks, and the security is not only based on the security of the communication protocol, but also relative with the security of the Linux core. If the immune Linux core can detect the data packages with such nonselfs as viruses by detecting the selfs of this core first, this communication will be more secure. In many embedded systems, the data spaces of users are private, so the immunity of the Linux core protects this privacy. 3 Testing immune Linux core and NS2-based experiments The immune Linux core is compiled according to the regular compiling method, and the step for compiling the immune programs is just after the step for building the normal model of the embedded system. After the immune programs are compiled, the files Makefile and Konfig are revised and generated. The mirror of the Linux core 207

3 4 Conclusion References
uses the zImage mirror, and this mirror can be downloaded into the development board to test. To validate the immunization approach for the embedded system, 2 embedded systems such as ARM9 and ARM11 and 3 notebooks build a real mobile ad hoc network. As one node was compromised by the blackhole attack, the routing table of this node was changed the attack, and so the client program of this node sent no any data to the other nodes. The wormhole attack changed the routing table of the compromised node, and spread the wormhole attack via the client program of this node into other nodes. Due to the amount limit of notebooks, ARMs and Zigbee devices, the node amount of the real ad hoc network was as small as five, but the node amount of the simulations with the Network Simulator 2.35 was expanded to as large as 20. Comparing with the packet delivery ratios (PDR) of the network under the collaborative attacks and the network based on the regular Intrusion Detection System (IDS) against the attacks, the packet delivery ratio of the network with cooperative immunization was higher. This result shows that the cooperative immunization is faster and more effective against the collaborative attacks than the regular IDS. 4 Conclusion The embedded Linux core is very important for many applications of the embedded systems, and the immunization of this embedded Linux core is important for its security. First, the normal model is useful to build the selfs and identify the normal state of this embedded system by the space-time properties. Then, based on this normal model, the viruses and software faults can be detected quickly and accurately, so the immunization can be created for the embedded system of such modules as process control, memory management, communication, drivers and file system etc. Acknowledgements. The work was supported by grants from Natural Science Foundation of Shanghai (08ZR ), the Shanghai Educational Development Foundation (2007CG42), the National Natural Science Foundation of China ( ), and NSF References Sukwong, O., Kim, H. S., Hoe, J. C.: Commercial antivirus software effectiveness: an empirical study. IEEE Computer, vol. 44, no. 3, pp (2011) Matzinger, P.: The danger model: a renewed sense of self. Science, vol. 12, (2002) Wang, W., Bhargava, B., Lu, Y., Wu, X.: Defending against wormhole attacks in mobile ad hoc networks. Wireless Communications & Mobile Computing, 6(4): (2006) Gong, T., Cai, Z. X.: Artificial immune system based on normal model and its applications. Beijing: Tsinghua University Press (2011) 208

Download ppt "Research on Immunizing Embedded Linux Core Against Viruses and Software Faults Tao Gong1, 2, 3, Changxing Du1 1 College of Information S. & T., Donghua."

Similar presentations

Collaborative Attacks on Routing Protocols in Ad hoc Networks Neelima Gupta University of Delhi India.

Collaborative Attacks on Routing Protocols in Ad hoc Networks Neelima Gupta University of Delhi India.
1 Detection of Injected, Dynamically Generated, and Obfuscated Malicious Code (DOME) Subha Ramanathan & Arun Krishnamurthy Nov 15, 2005.

1 Detection of Injected, Dynamically Generated, and Obfuscated Malicious Code (DOME) Subha Ramanathan & Arun Krishnamurthy Nov 15, 2005.
Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL 6788 11.

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL
S EMINAR A SELF DESTRUCTING DATA SYSTEM BASED ON ACTIVE STORAGE FRAMEWORK ONON P RESENTED BY S HANKAR G ADHVE G UIDED BY P ROF.P RAFUL P ARDHI.

S EMINAR A SELF DESTRUCTING DATA SYSTEM BASED ON ACTIVE STORAGE FRAMEWORK ONON P RESENTED BY S HANKAR G ADHVE G UIDED BY P ROF.P RAFUL P ARDHI.
Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1

Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
A New Household Security Robot System Based on Wireless Sensor Network Reporter :Wei-Qin Du.

A New Household Security Robot System Based on Wireless Sensor Network Reporter :Wei-Qin Du.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
Security Risks for Ad Hoc Networks and how they can be alleviated By: Jones Olaiya Ogunduyilemi Supervisor: Jens Christian Godskesen © Dec. 2006.

Security Risks for Ad Hoc Networks and how they can be alleviated By: Jones Olaiya Ogunduyilemi Supervisor: Jens Christian Godskesen © Dec
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
ZIGBEE PROTOCOL FOR WIRLEESS SENSOR NETWORK ZIGBEE PROTOCOL FOR WIRLEESS SENSOR NETWORK Research paper Lina kazem 43580340.

ZIGBEE PROTOCOL FOR WIRLEESS SENSOR NETWORK ZIGBEE PROTOCOL FOR WIRLEESS SENSOR NETWORK Research paper Lina kazem
Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.

Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.
Information Systems Security Computer System Life Cycle Security.

Information Systems Security Computer System Life Cycle Security.
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.

MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
“Assuring Reliable and Secure IT Services”. IT Redundancy: Its Value How much reliability to buy? Customer Service impacted as a result of 15 minutes.

“Assuring Reliable and Secure IT Services”. IT Redundancy: Its Value How much reliability to buy? Customer Service impacted as a result of 15 minutes.
Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS.

Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS.
Easwari Engineering College Department of Computer Science and Engineering IDENTIFICATION AND ISOLATION OF MOBILE REPLICA NODES IN WSN USING ORT METHOD.

Easwari Engineering College Department of Computer Science and Engineering IDENTIFICATION AND ISOLATION OF MOBILE REPLICA NODES IN WSN USING ORT METHOD.
EAACK—A Secure Intrusion-Detection System for MANETs

EAACK—A Secure Intrusion-Detection System for MANETs
Authors: Yih-Chun Hu, Adrian Perrig, David B. Johnson

Authors: Yih-Chun Hu, Adrian Perrig, David B. Johnson

Similar presentations

Ads by Google