Abstract
Conventional intrusion prevention methods for embedded real-time operating system kernels rely on passive protection, which leads to missed reports of data information. To address this problem, a new active intrusion prevention method for embedded real-time operating system kernels is proposed. First, the attacked location is identified from the amplitude fluctuation range of the signal. The system's API functions are then used to analyze the behavior of the intruding software, and representative behaviors are selected to determine the attack type. An active defense program is set up to control and isolate the intruding software during its installation phase, thereby achieving active protection of the embedded real-time operating system kernel. Experimental results show that the proposed method monitors the signal fluctuation amplitude range effectively, reduces the missed-report rate by 17.43%, and provides stronger protection against malicious attacks.
Author
张庆庆
ZHANG Qingqing (Xi'an Research Institute, China Coal Technology and Engineering Group Corp, Xi'an 710077, China)
Source
《自动化与仪器仪表》
2020, No. 6, pp. 33-36 (4 pages)
Automation & Instrumentation
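Funding
National Key R&D Program of China
Dynamic detection technology and equipment for geological anomalies in underground roadways during excavation (No. 2018YFC0807804)
National Science and Technology Major Project
Detection technology for geological conditions of the sidewall of a single underground roadway and monitoring instruments for borehole drainage effectiveness (No. 2016ZX05045003-005).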
Keywords
embedded
real-time operating system
real-time monitoring
active intrusion prevention