A New Intrusion Detection Mechanism in SELinux

Zhang, Runnan; Liu, Gang; Yuan, Xin; Ji, Shaomin; Zhang, Guofang

doi:10.1109/isssr.2016.018

Cited by 1 publication

(1 citation statement)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The LSM API can be used by a defined and configured computer security model as AppArmor 4 or SELinux. 5 Any of these approaches contribute to increase the security of the system helping to address possible unknown threats related to poor security planning, configurations or overseen flaws in the system that could be rendered into exploits [51]. These complimentary features are considered standard in production environments, particularly to prevent root privilege escalation.…”

Section: ) Secure By Designmentioning

confidence: 99%

IoTsafe, Decoupling Security From Applications for a Safer IoT

et al. 2019

View full text Add to dashboard Cite

The use of robust security solutions is a must for the Internet of Things (IoT) devices and their applications: regulators in different countries are creating frameworks for certifying those devices with an acceptable security level. However, even for already certified devices, security protocols have to be updated when a breach is found or a certain version becomes obsolete. Many approaches for securing IoT applications are nowadays based on the integration of a security layer [e.g., using transport layer security, (TLS)], but this may result in difficulties when upgrading the security algorithms, as the whole application has to be updated. This fact may shorten the life of IoT devices. As a way to overcome these difficulties, this paper presents IoTsafe, a novel approach relying on secure socket shell (SSH), a feasible alternative to secure communications in IoT applications based on hypertext transfer protocol (HTTP and HTTP/2). In order to illustrate its advantages, a comparison between the traditional approach (HTTP with TLS) and our scheme (HTTP with SSH) is performed over low-power wireless personal area networks (6loWPAN) through 802.15.4 interfaces. The results show that the proposed approach not only provides a more robust and easy-to-update solution, but it also brings an improvement to the overall performance in terms of goodput and energy consumption. Core server stress tests are also presented, and the server performance is also analyzed in terms of RAM consumption and escalation strategies.

show abstract

Section: ) Secure By Designmentioning

confidence: 99%