Collaborative Computing: Networking, Applications and Worksharing. 16th EAI International Conference, CollaborateCom 2020, Shanghai, China, October 16–18, 2020, Proceedings, Part I

Research Article

Real-Time Self-defense Approach Based on Customized Netlink Connection for Industrial Linux-Based Devices

Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-030-67537-0_25,
        author={Ming Wan and Jiawei Li and Jiangyuan Yao},
        title={Real-Time Self-defense Approach Based on Customized Netlink Connection for Industrial Linux-Based Devices},
        proceedings={Collaborative Computing: Networking, Applications and Worksharing. 16th EAI International Conference, CollaborateCom 2020, Shanghai, China, October 16--18, 2020, Proceedings, Part I},
        proceedings_a={COLLABORATECOM},
        year={2021},
        month={1},
        keywords={Self-defense Customized Netlink Application process Industrial Linux-based devices},
        doi={10.1007/978-3-030-67537-0_25}
    }
    
  • Ming Wan
    Jiawei Li
    Jiangyuan Yao
    Year: 2021
    Real-Time Self-defense Approach Based on Customized Netlink Connection for Industrial Linux-Based Devices
    COLLABORATECOM
    Springer
    DOI: 10.1007/978-3-030-67537-0_25
Ming Wan1, Jiawei Li1, Jiangyuan Yao2,*
  • 1: School of Information
  • 2: School of Computer Science and Cyberspace Security
*Contact email: yaojy@hainanu.edu.cn

Abstract

With the deep integration of IT (Information Technology) and OT (Operational Technology), various Linux operating systems have been successfully applied in critical industrial devices, such as Linux-based IIoT (Industrial Internet of Things) controllers or gateways, and the vulnerabilities of these systems may become a new entry point for organized, high-intensity attacks. To prevent malware from corrupting or disabling industrial Linux-based devices, this paper proposes a novel real-time self-defense approach that can be easily developed without redesigning the basic software and hardware platform. By establishing a customized Netlink connection between kernel mode and user mode, this approach can monitor all application processes and block each new malicious application process that does not conform to the trusted white-listing rules. All experimental results show that the proposed approach has a comparative advantage in effectively detecting and preventing malware-related attacks, and that it provides a self-defense function for industrial Linux-based devices which meets their availability requirements owing to its millisecond resolution.

Keywords
Self-defense; Customized Netlink; Application process; Industrial Linux-based devices
Published
2021-01-22
Appears in
SpringerLink
http://dx.doi.org/10.1007/978-3-030-67537-0_25