ISSN: 2182-2069 (printed) / ISSN: 2182-2077 (online)
Effectiveness of MAC Systems Based on LSM and Their Security Policy Configuration for Protecting IoT Devices
Among the numerous active attacks targeting Internet of Things (IoT) devices, some exploit software vulnerabilities discovered in those devices. Mandatory Access Control (MAC) systems based on Linux Security Modules (LSM), such as SELinux and AppArmor, can mitigate the impact of such attacks even if software vulnerabilities are discovered and exploited. However, most IoT devices do not adopt these systems at present. Existing approaches investigated onboard resources as a factor affecting the applicability of MAC systems, but they are insufficient for clarifying the full set of factors. In this study, we comprehensively investigated which factors can affect the applicability of LSM-based MAC systems to IoT devices. To make the investigation more comprehensive, we also examined the kernel version, CPU architecture, and support for BusyBox, in addition to the resources examined in previous studies. We also conducted simulated experiments based on the attack method of Mirai to investigate whether MAC systems can protect IoT devices against malware. Moreover, we investigated the cost, in terms of added rules, of fixing security policies to protect IoT devices against IoT malware.