Online self-diagnosis self-recovery infrastructure for embedded systems

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

Complexity of monolithic kernel of existing operating systems results in security exploits inevitably. When it is compromised, manual recovery from kernel-level attacks is usually time-consuming. The whole process is expected to be automatic and supported in system level. The requirement becomes more necessary for modern embedded systems, which lack such administrative and recovery tools for end users comparing with PC. We implement a prototype system called OSKROD to support system automatic recovery. OSKROD can take a collection of actions to recover infected kernel, after detecting kernel-level attacks infections based on system virtualization technique. Moreover, it can operate in two working modes: periodic mode and request-service mode, which can be fit in various application scenarios. Its recovery has been proved effective in fault injection experiments against real world attacks. The results indicate that it can correctly detect several kernel-level security attacks and recover the system with acceptable penalty to system performance.

Original languageEnglish
Pages (from-to)39-52
Number of pages14
JournalInternational Journal of Security and its Applications
Volume4
Issue number4
Publication statusPublished - 2010 Dec 1

Keywords

  • Detection
  • Operating system
  • Recovery
  • Security

ASJC Scopus subject areas

  • Computer Science(all)

Fingerprint Dive into the research topics of 'Online self-diagnosis self-recovery infrastructure for embedded systems'. Together they form a unique fingerprint.

  • Cite this