2026-04-19T09:31:08Z https://ipsj.ixsq.nii.ac.jp/oai

oai:ipsj.ixsq.nii.ac.jp:00238001 2025-01-19T08:43:40Z 581:11492:11501

A Linux Audit and MQTT based Monitoring Framework for IoT Devices and Its Evaluation A Linux Audit and MQTT based Monitoring Framework for IoT Devices and Its Evaluation Jie, Yin Yutaka, Ishikawa Atsuko, Takefusa Jie, Yin Yutaka, Ishikawa Atsuko, Takefusa [特集:“Applications and the Internet” in Conjunction with the Main Topics of COMPSAC 2023] IoT, Audit, MQTT, monitoring framework, overhead evaluation, cgroups, CPU isolation, scheduling Cybersecuity has always been a challenging topic along with the accelerating growth in the number of connected Internet of Things (IoT) devices and their heterogeneity. System monitoring as one of the predominant security hardening approaches are often introduced to IoT systems for detecting anomaly activities and ongoing intrusion. System auditing is one of the fundamental approaches for implementing such systems. However, most of the existing monitoring techniques for IoT systems heavily rely on network traffic analysis. In the previous work, we emphasized the device endpoint itself, proposed a flexible and extensible monitoring framework for Linux-based IoT systems, and presented the feasibility and performance evaluation of the framework by implementing a monitoring prototype and an IoT application simulating real-world surveillance scenario on an ARM device. In this work, we further improved the implementation of the monitoring prototype and introduced Linux control groups, a.k.a cgroups for meticulous resource management between the monitoring components and the application processes. By conducting a series of comparative evaluation experiments under different CPU isolation and scheduling methods, our experiment results showcased the significance of the CPU isolation and process scheduling methods in terms of performance, and the minimal overhead cost of the proposed monitoring framework on IoT device. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.32(2024) (online) DOI　http://dx.doi.org/10.2197/ipsjjip.32.586 ------------------------------ Cybersecuity has always been a challenging topic along with the accelerating growth in the number of connected Internet of Things (IoT) devices and their heterogeneity. System monitoring as one of the predominant security hardening approaches are often introduced to IoT systems for detecting anomaly activities and ongoing intrusion. System auditing is one of the fundamental approaches for implementing such systems. However, most of the existing monitoring techniques for IoT systems heavily rely on network traffic analysis. In the previous work, we emphasized the device endpoint itself, proposed a flexible and extensible monitoring framework for Linux-based IoT systems, and presented the feasibility and performance evaluation of the framework by implementing a monitoring prototype and an IoT application simulating real-world surveillance scenario on an ARM device. In this work, we further improved the implementation of the monitoring prototype and introduced Linux control groups, a.k.a cgroups for meticulous resource management between the monitoring components and the application processes. By conducting a series of comparative evaluation experiments under different CPU isolation and scheduling methods, our experiment results showcased the significance of the CPU isolation and process scheduling methods in terms of performance, and the minimal overhead cost of the proposed monitoring framework on IoT device. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.32(2024) (online) DOI　http://dx.doi.org/10.2197/ipsjjip.32.586 ------------------------------ journal article 情報処理学会 2024-08-15 application/pdf 情報処理学会論文誌 8 65 1882-7764 AN00116647 https://ipsj.ixsq.nii.ac.jp/record/238001/files/IPSJ-JNL6508004.pdf eng