Files in this item



application/pdfKANDIKUPPA-THESIS-2021.pdf (739kB)
(no description provided)PDF


Title:Efficient system auditing for real-time systems
Author(s):Kandikuppa, Anant
Advisor(s):Bates, Adam
Department / Program:Computer Science
Discipline:Computer Science
Degree Granting Institution:University of Illinois at Urbana-Champaign
Subject(s):Real-time systems
Computer Security
Abstract:Auditing is a powerful tool that provides machine operators with the mechanisms to observe, and glean insights from, generic computing systems. The information obtained by auditing systems can be used to detect and explain suspicious activity, from fault/error diagnosis to intrusion detection and forensics after security incidents. While such mechanisms would be beneficial for Real-Time Systems (RTS), existing audit frameworks are rarely designed for this domain. If audit mechanisms are not carefully integrated into real-time operating systems, they can negatively impact the temporal constraints of RTS. In this paper, we demonstrate how to apply commodity audit frameworks to real-time systems. We design novel kernel-based reduction techniques that leverage the periodic, repetitive, nature of real-time (RT) applications to aggressively reduce the costs/overheads of a system-level auditing, viz. Linux Audit (a popular open source audit framework). This is coupled with a rigorous analysis to understand the conflicts between the temporal requirements of RT applications and the audit subsystem. Our approach, Ellipsis, generates succinct behaviors of RT application and retains a lossless record of process activity, enabling analysis/detection of unexpected activity while meeting temporal constraints. Our evaluation of Ellipsis, using ArduPilot (an open-source autopilot application suite) and synthetically generated tasksets, demonstrates up to 93% reduction in audit event generation.
Issue Date:2021-04-23
Rights Information:Copyright 2021 Anant Kandikuppa
Date Available in IDEALS:2021-09-17
Date Deposited:2021-05

This item appears in the following Collection(s)

Item Statistics