Intrusion detection against unauthorized file modification by integrity checking and recovery with HW/SW platforms using programmable system-on-chip (SoC)

摘要

The attacks of modifying files such as website hacking, virus infection and ransomware are becoming a recent issue. This is due to a lack of attention to the programs or maintenance of web applications after it has been completed and connected to the internet, while hackers will always try to find a security hole to infiltrate the system. The security of software-based system used in the market today is not good enough to protect those attacks because the software-based protection, in general, can still be modified or manipulated. Therefore, a mechanism that can protect files in a system (such as personal computer or server) by both software and hardware is required. Implementing the mechanism to a hardware can bring a better immunity from malware infections. This paper proposed a method that provides protection mechanism against unauthorized file modification using the existing Integrity Checking and Recovery (ICAR) concept by holistic approach (hardware and software protection) with an open source security-oriented platform using a programmable system on chip (SoC). The results of the simulations show that the system can protect the authenticity of files against file modification-based attacks in the limited scenarios of attack without modifying main system configuration.