Files in this item



application/pdfCHEN-DISSERTATION-2020.pdf (6MB)Restricted to U of Illinois
(no description provided)PDF


Title:Scheduler side-channels in preemptive real-time systems: attack and defense techniques
Author(s):Chen, Chien-Ying
Director of Research:Mohan, Sibin
Doctoral Committee Chair(s):Mohan, Sibin
Doctoral Committee Member(s):Nahrstedt, Klara; Borisov, Nikita; Bobba, Rakesh B.; Pellizzoni, Rodolfo
Department / Program:Computer Science
Discipline:Computer Science
Degree Granting Institution:University of Illinois at Urbana-Champaign
Subject(s):Scheduler Side-Channels
Real-Time Systems
Abstract:This dissertation aims to address the problem of the side-channels caused by the deterministic nature embedded in the real-time schedulers in preemptive real-time systems (RTS). The dissertation explores the problem by postulating that there exist timing-based side-channels (i.e., scheduler side-channels) that enable adversaries to gauge the behavior of the system with high precision in preemptive RTS and that the RTS can be protected by diversifying the real-time schedules. To validate this hypothesis, the work is divided into three groups to tackle the following three key challenges: • Validate the presence of the scheduler side-channels in preemptive RTS. • Protect the RTS by diversifying the real-time schedule. • Evaluate the risks against the scheduler side-channels and the efficacy of a defense scheme. The dissertation shows that the scheduler side-channels exist in both classes of widely used preemptive RTS (i.e., fixed-priority RTS and dynamic-priority RTS) and can leak critical task information using a user-space, non-privileged task. Such information can be leveraged by other collaborative attacks (e.g., advanced persistent threat attacks) to pose a serious threat to systems. A study on the schedule randomization technique as a defense strategy is conducted and shows that, while being effective in disturbing the repeated patterns in the schedule, there exist trade-offs (e.g., the scheduling overhead) and shortcomings (e.g., ineffectiveness in the face of real-time constraints.) Based on the lesson learned, the dissertation introduces the notion of “schedule indistinguishability” and presents a defense scheme that provides security guarantees to critical tasks by achieving the schedule indistinguishability. The scheduler relaxes the real-time constraints and add random noise drawn from bounded Laplace distribution to the task’s execution patterns to hide the repeated patterns from the task schedule. The dissertation further introduces a security evaluation framework consisting of diverse metrics that capture the unique characteristics of real-time schedules and scheduler side-channels to better evaluate the risks for a given RTS. The work is concluded by assessing the developed scheduler against scheduler side-channels with using the introduced security evaluation framework.
Issue Date:2020-11-30
Rights Information:Copyright 2020 Chien-Ying Chen
Date Available in IDEALS:2021-03-05
Date Deposited:2020-12

This item appears in the following Collection(s)

Item Statistics