共查询到20条相似文献,搜索用时 812 毫秒
1.
嵌入式系统设计时由于成本和功耗等方面的考虑而较少重视安全性,而一般采用的软件防御方式无法满足嵌入式系统在实时性和可靠性上的要求,缓冲区溢出作为最常见的软件安全漏洞对嵌入式系统安全构成严重威胁.文中构建了一种基于细粒度指令流监控(FIFM)的硬件防御机制,通过虚拟执行单元虚拟执行程序,在攻击发生之前检测攻击行为.实验结果表明FIFM能很好的防御典型的缓冲区溢出攻击,而且FIFM不需要修改程序,不破坏流水线完整性,对系统的性能影响小,本文的防护机制可以应用于其他嵌入式系统设计中以动态防御缓冲区溢出攻击. 相似文献
2.
本文分析了缓冲区溢出攻击的原理,概括linux系统针对溢出攻击的常用防御手段.进一步,分析了目前各种基于裁减linux系统的安全网关的特点,提出了其抗缓冲区溢出攻击以增强系统安全性的方法.最后说明了防溢出攻击技术的近期发展. 相似文献
3.
随着光线通信、4G移动通信的快速发展,移动通信已经大大的影响了人们的工作、生活和学习.利用智能手机开发了许多的智能软件,比如在线学习、手机淘宝、高德地图等,进一步改进了人们的工作、生活和学习的先进性.移动通信系统涉及的应用软件、物理硬件设备较多,这些软硬件资源集成在一起的时候,由于不同的软件和设备开发采用的程序技术、设计架构均不同,因此非常容易产生各种漏洞,受到黑客、病毒和木马的攻击,造成了移动通信系统的数据被盗取、服务器被攻击、业务被中断.论文针对详细地分析了移动通信系统的构成内容,描述移动互联网接入设备种类及其特点,并且分析了移动通信系统面临的安全威胁现状,从用户终端、接入网、核心网等三个方面研究系统的安全性,提出利用多层次网络安全防御技术构建一个完善的防御系统. 相似文献
4.
5.
6.
论文以攻击监测规则为多种网络防护技术的融合点,给出了一种综合性的安全解决方案(主动网络防御系统),提出其防御模型和总体框架,并对其系统组件进行了分析。最后重点探讨了主动响应技术的实现,并对框架安全性进行了分析。 相似文献
7.
动态异构冗余(Dynamic Heterogeneous Redundancy,DHR)模型的安全性分析是拟态防御的核心问题之一.本文针对DHR模型安全性量化分析问题提出了执行体-漏洞矩阵和服务体-漏洞矩阵模型,实现了DHR系统的形式化描述.提出了攻击序列法和服务体法的两种计算方法,从系统攻击成功率和被控制率对DHR系统进行安全性分析,推导出非合谋(合谋)盲攻击和非合谋(合谋)最优攻击4种场景下安全性指标的计算公式.通过仿真实验分析了DHR模型各因素对系统安全性的影响,给出了增强DHR系统安全性的具体建议.所提方法能用于DHR系统的安全性量化分析和比较,为DHR系统构建提供量化决策支撑. 相似文献
8.
<正>嵌入式通信设备的安全漏洞是通信系统受到网络安全威胁的重要原因之一。近年来,基于嵌入式系统的各类产品如雨后春笋般层出不穷,在通信领域更是广泛使用。嵌入式通信设备的安全性不仅涉及个人隐私,甚至关乎国家安全。嵌入式通信设备正面临日益严重的攻击威胁,安全状况极为严峻。为了应对嵌入式通信设备安全性提升的迫切要求,本文对嵌入式通信设备的特点及安全脆弱性进行分析,通过对相关安全性测试技术的研究,提出了适用于嵌入式通信设备安全性测试的内容和方法,为嵌入式通信设备的安全测试提供方法指导,也为安全防护能力提升提供设计参考。 相似文献
9.
10.
Internet技术的发展和应用,给人们的生产和生活带来了很多便捷,但随之出现的网络安全问题,也成为日益严重的社会问题。针对网络中存在的DDoS攻击进行研究,以分布式并行系统的思想为基础,建立了一种新型DDoS攻击的安全防御体系。该体系通过不同组件间的相互协调、合作,实现了对DDoS攻击的分析及其防御。在对DDoS的攻击流量进行分析的过程中,以数据挖掘的模糊关联规则的方法进行分析,并实现了对攻击源的定位,有效地避免了攻击造成进一步的危害。 相似文献
11.
分析RapidIO总线通信特点与嵌入式系统通信需求,研究了RapidIO网络集群管理技术,融合机架内异构平台RapidIO网络管理技术与机架间网络管理技术,结合数据库集群、网络管理节点无状态等设计方案,为资源池系统提供了机架内、任意机架间高速通信的能力与网络管理节点多重备份的能力。为嵌入式系统的通信扩展提供了强力支撑。 相似文献
12.
Compressed sensing for real-time energy-efficient ECG compression on wireless body sensor nodes 总被引:3,自引:0,他引:3
Mamaghanian H Khaled N Atienza D Vandergheynst P 《IEEE transactions on bio-medical engineering》2011,58(9):2456-2466
Wireless body sensor networks (WBSN) hold the promise to be a key enabling information and communications technology for next-generation patient-centric telecardiology or mobile cardiology solutions. Through enabling continuous remote cardiac monitoring, they have the potential to achieve improved personalization and quality of care, increased ability of prevention and early diagnosis, and enhanced patient autonomy, mobility, and safety. However, state-of-the-art WBSN-enabled ECG monitors still fall short of the required functionality, miniaturization, and energy efficiency. Among others, energy efficiency can be improved through embedded ECG compression, in order to reduce airtime over energy-hungry wireless links. In this paper, we quantify the potential of the emerging compressed sensing (CS) signal acquisition/compression paradigm for low-complexity energy-efficient ECG compression on the state-of-the-art Shimmer WBSN mote. Interestingly, our results show that CS represents a competitive alternative to state-of-the-art digital wavelet transform (DWT)-based ECG compression solutions in the context of WBSN-based ECG monitoring systems. More specifically, while expectedly exhibiting inferior compression performance than its DWT-based counterpart for a given reconstructed signal quality, its substantially lower complexity and CPU execution time enables it to ultimately outperform DWT-based ECG compression in terms of overall energy efficiency. CS-based ECG compression is accordingly shown to achieve a 37.1% extension in node lifetime relative to its DWT-based counterpart for "good" reconstruction quality. 相似文献
13.
刘洲洲 《信息安全与通信保密》2008,(9):54-55
随着嵌入式系统的发展,对于人机交互的效率的要求也日渐提高,特别是一些消费电子产品如智能手机,其中嵌入式GUI(图形用户界面)已经成为一个成功的嵌入式系统不可缺少的组成部分,而且手写触摸屏也越来越广泛地被应用其中,论文讨论了在多任务情况下的触摸屏笔点连续点击遇到的问题以及解决方案。 相似文献
14.
There are varieties of embedded systems in the world. It is a big challenge to optimize the in-struction sets of System on Chips (SoCs) according to different systems’ working environments. The idea of programmable instruction set is an effective method to gain embedded system’s re-configurability. This letter presents a logic module for Java processor to be capable of using programmable instruction set. Cost (area, power, and timing) of the module is trivial. Such module is also reusable for other embedded system solu-tions besides Java systems. 相似文献
15.
Security is an important aspect of embedded system design. The characteristics of embedded systems give rise to a number of
novel vulnerabilities. A variety of different solutions are being developed to address these security problems. In this paper,
we provide a brief overview of important research topics in this domain. 相似文献
16.
随着各种抄板技术和芯片解剖技术的发展,嵌入式系统芯片正面临着越来越多受攻击风险,如何保护嵌入式系统产品不受非法复制,正日益受到人们的关注,各种防复制方法也应运而生。由此设计了一款软硬件协同的新型防复制电路及系统,用以实现对嵌入式软件版权的保护。防复制电路采用AES加密算法与嵌入式芯片进行多次随机动态加密验证,使破解者无法通过监控通信数据来破解验证保护。防复制电路中内置CPU和安全存储器,用来存储关键数据以及执行部分嵌入式程序,让破解者无法获得嵌入式芯片中完整的程序,从软硬件两方面实现了对嵌入式产品版权的充分保护。本电路在FPGA上进行了实现,并搭建被保护芯片与防复制FPGA电路的联合保护系统,实测结果显示该系统很好的完成了防复制的功能,未通过动态加密验证无法启动系统,此外,没有防复制电路的配合,无法执行完整的嵌入式芯片中的程序。 相似文献
17.
全分散ISDN交换机嵌入式实时数据库设计 总被引:2,自引:0,他引:2
以全分散ISDN交换机嵌入式实时数据库为例 ,针对通信系统中全分散、嵌入式数据库设计中需要考虑的数据提取、数据结构、接口、数据库一致性等问题 ,提出一些行之有效的解决方法。这些方法对其它数据库系统的设计也可起到借鉴作用。 相似文献
18.
19.
The author discusses public key cryptography techniques offering solutions to the unique problems associated with transaction authentication procedures using the open communication channel between a vehicle and an unprotected ground terminal. Valuable secrets embedded in costly security modules are not kept at the terminals. Playback of recorded taped communications or attempts at rehashing messages would be useless, and will not assist illicit falsification or forging of subsequent transactions. To prevent the unauthorized use of the crediting facility of a vehicle, an integral part of this facility is to be carried by the driver when the vehicle is not in operation. This can be integrated into existing electronic ignition keys. A public key cryptographic module installed in a vehicle can also be used for theft prevention by enhancing both ignition security and remote controlled door locking/unlocking mechanisms. The same device can be used for authenticating smartcard-based prepayment systems for parking or toll-road usage. This methodology is described 相似文献
20.
Performing Flexible Control on Low-Cost Microcontrollers Using a Minimal Real-Time Kernel 总被引:1,自引:0,他引:1
Marau R. Leite P. Velasco M. Marti P. Almeida L. Pedreiras P. Fuertes J.M. 《Industrial Informatics, IEEE Transactions on》2008,4(2):125-133
In recent years, approaches to control performance and resource optimization for embedded control systems have been receiving increased attention. Most of them focus on theory, whereas practical aspects are omitted. Theoretical advances demand flexible real-time kernel support for multitasking and preemption, thus requiring more sophisticated and expensive software/hardware solutions. On the other hand, embedded control systems often have cost constraints related with mass production and strong industrial competition, thus demanding low-cost solutions. In this paper, it is shown that these conflicting demands can be softened and that a compromise solution can be reached. We advocate that recent research results on optimal resource management for control tasks can be implemented on simple multitasking preemptive real-time kernels targeting low-cost microprocessors, which can be easily built in-house and tailored to actual application needs. The experimental evaluation shows that significant control performance improvement can be achieved without increasing hardware costs. 相似文献