2024 Volume 32 Pages 586-595
Cybersecurity has always been a challenging topic, along with the accelerating growth in the number of connected Internet of Things (IoT) devices and their heterogeneity. System monitoring, as one of the predominant security hardening approaches, is often introduced to IoT systems for detecting anomalous activities and ongoing intrusions. System auditing is one of the fundamental approaches for implementing such systems. However, most of the existing monitoring techniques for IoT systems rely heavily on network traffic analysis. In our previous work, we emphasized the device endpoint itself, proposed a flexible and extensible monitoring framework for Linux-based IoT systems, and presented the feasibility and performance evaluation of the framework by implementing a monitoring prototype and an IoT application simulating a real-world surveillance scenario on an ARM device. In this work, we further improved the implementation of the monitoring prototype and introduced Linux control groups, a.k.a. cgroups, for meticulous resource management between the monitoring components and the application processes. Through a series of comparative evaluation experiments under different CPU isolation and scheduling methods, our experimental results showcased the significance of the CPU isolation and process scheduling methods in terms of performance, and the minimal overhead cost of the proposed monitoring framework on an IoT device.