A lightweight detection and recovery infrastructure of kernel objects for embedded systems

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

The kernel objects consist of critical kernel data structures and system call functions, which are the most important data for a system, should be protected as first-class candidates. In this paper, a lightweight system-level detection and recovery infrastructure is presented for embedded systems. Inside the infrastructure, specific runtime protections have been implemented for different kernel objects, kernel data structures are protected by the periodic detection and recovery, the interception of arguments is used to protect vulnerable system calls. At runtime once any system inconsistency has been detected, predefined recovery actions will be invoked. The consistency detection regulations and corresponding recovery actions can also be flexibly customized by system developers. The infrastructure requires few modifications to kernel source code, thus it is easy to integrate into existing embedded systems. The evaluation experiment results indicate our prototype system can correctly detect the inconsistent kernel data structures caused by security attacks and also prevent kernel from exploits due to vulnerable system calls with acceptable penalty to system performance. Moreover, it is fully software-based without introducing any specific hardware and requires no modifications to system call APIs, therefore legacy commercial-off-the-shelf (COTS) applications can be also easily reused.

Original languageEnglish
Title of host publicationProceedings of The 5th International Conference on Embedded and Ubiquitous Computing, EUC 2008
Pages136-143
Number of pages8
DOIs
Publication statusPublished - 2008 Dec 1
Event5th International Conference on Embedded and Ubiquitous Computing, EUC 2008 - Shanghai, China
Duration: 2008 Dec 172008 Dec 20

Publication series

NameProceedings of The 5th International Conference on Embedded and Ubiquitous Computing, EUC 2008
Volume1

Conference

Conference5th International Conference on Embedded and Ubiquitous Computing, EUC 2008
CountryChina
CityShanghai
Period08/12/1708/12/20

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software
  • Communication

Fingerprint Dive into the research topics of 'A lightweight detection and recovery infrastructure of kernel objects for embedded systems'. Together they form a unique fingerprint.

  • Cite this

    Sun, L., & Nakajima, T. (2008). A lightweight detection and recovery infrastructure of kernel objects for embedded systems. In Proceedings of The 5th International Conference on Embedded and Ubiquitous Computing, EUC 2008 (pp. 136-143). [4756331] (Proceedings of The 5th International Conference on Embedded and Ubiquitous Computing, EUC 2008; Vol. 1). https://doi.org/10.1109/EUC.2008.78