TY - GEN
T1 - A lightweight kernel objects monitoring infrastructure for embedded systems
AU - Sun, Lei
AU - Nakajima, Tatsuo
PY - 2008/10/15
Y1 - 2008/10/15
N2 - In this paper, a lightweight system level monitoring infrastructure known as Kernel Objects Monitoring Infrastructure (KOMI) is presented for commercial-off-the-shelf (COTS) embedded systems. The kernel objects consist of certain critical kernel data structures and entry points of system calls, which are protected as first-class objects inside the system. KOMI provides specific runtime protections to different kernel objects: kernel data structures are protected by the periodic detection and recovery, the interception of arguments is used to protect vulnerable system calls. Both protection methods can provide not only consistency regulations but also recovery actions for the system. During its runtime deployment, once any system inconsistency has been detected, predefined recovery actions will be invoked. Since KOMI requires few modifications to kernel source code, it is easy to integrate into existing embedded systems. The evaluation experiment results indicate our prototype system can correctly detect the inconsistent kernel data structures caused by security attacks and also prevent kernel from exploits due to vulnerable system calls with acceptable penalty to the system performance. Moreover, KOMI is fully software-based without introducing any specific hardware and requires no modifications to system call APIs, therefore legacy applications can be also easily reused.
AB - In this paper, a lightweight system level monitoring infrastructure known as Kernel Objects Monitoring Infrastructure (KOMI) is presented for commercial-off-the-shelf (COTS) embedded systems. The kernel objects consist of certain critical kernel data structures and entry points of system calls, which are protected as first-class objects inside the system. KOMI provides specific runtime protections to different kernel objects: kernel data structures are protected by the periodic detection and recovery, the interception of arguments is used to protect vulnerable system calls. Both protection methods can provide not only consistency regulations but also recovery actions for the system. During its runtime deployment, once any system inconsistency has been detected, predefined recovery actions will be invoked. Since KOMI requires few modifications to kernel source code, it is easy to integrate into existing embedded systems. The evaluation experiment results indicate our prototype system can correctly detect the inconsistent kernel data structures caused by security attacks and also prevent kernel from exploits due to vulnerable system calls with acceptable penalty to the system performance. Moreover, KOMI is fully software-based without introducing any specific hardware and requires no modifications to system call APIs, therefore legacy applications can be also easily reused.
UR - http://www.scopus.com/inward/record.url?scp=53549132551&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=53549132551&partnerID=8YFLogxK
U2 - 10.1109/RTCSA.2008.16
DO - 10.1109/RTCSA.2008.16
M3 - Conference contribution
AN - SCOPUS:53549132551
SN - 9780769533490
T3 - Proceedings - 14th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications, RTCSA 2008
SP - 55
EP - 60
BT - Proceedings - 14th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications, RTCSA 2008
T2 - 14th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications, RTCSA 2008
Y2 - 25 August 2008 through 27 August 2008
ER -