A Novel Packets Transmission Scheme Based on Software Defined Open Wireless Platform

Jia, Jianxin; Liu, Guangzhong; Han, Dong‐Guk; Wang, Jim

doi:10.1109/access.2018.2813007

Cited by 3 publications

(1 citation statement)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Before executing the native system call execve(), we can monitor and block the new application process. Figure 1 shows the basic design principle of our approach, which contains three significant aspects: 1) Netlink connection: the Netlink connection is an excellent method to achieve interprocess communications between kernel mode and user mode, and it can be established by some mature APIs (Application Program Interfaces) [19]. Moreover, the customized Netlink connection can support asynchronous communications from kernel mode to user mode, and send new process events to user mode without interfering with the stable runtime of other application processes.…”

Section: Basic Design Principlementioning

confidence: 99%

Real-Time Self-defense Approach Based on Customized Netlink Connection for Industrial Linux-Based Devices

Wan

Yao

2021

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

With the deep integration of IT (Information Technology) and OT (Operational Technology), various Linux operating systems have been successfully applied in critical industrial devices, such as Linux-based IIoT (Industrial Internet of Things) controllers or gateways, and the vulnerabilities of these systems may become a new breakthrough for the organized and high-intensity attacks. In order to prevent malwares from corrupting or disabling industrial Linux-based devices, this paper proposes a novel real-time self-defense approach, which can be easily developed without redesigning the basic software and hardware platform. By establishing the customized Netlink connection between kernel mode and user mode, this approach can monitor all application processes, and block each new malicious application process, which cannot conform to the trusted white-listing rules. All experimental results show that the proposed approach has a comparative advantage to effectively detect and prevent the malware-related attacks, and provides a self-defense function for industrial Linux-based devices, which meets their availability due to the millisecond resolution.

show abstract

Section: Basic Design Principlementioning

confidence: 99%