CAREER: Indistinguishability Prevents Information Leakage in Real-Time Schedulers

职业：不可区分性防止实时调度程序中的信息泄漏

• 批准号: 2246937
• 负责人: Sibin Mohan
• 金额: $ 52.34万
• 依托单位: George Washington University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-10-01 至 2027-05-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2246937&HistoricalAwards=false
• 关键词: CAREER; Indistinguishability; Prevents; Information; Leakage

Modern society relies heavily on systems that operate within strict timing requirements such as in engine control units in automobiles, aircraft avionics and navigation systems, programmable logic controllers in manufacturing plants, industrial control systems in the electricity sector, and many hundreds of others. The recent advent of autonomous cars, drones and internet-of-things (IoT) further expands the reach of these "real-time systems". The limitations of such devices viz., small computing power, less memory, limited battery power, has serious consequences for security, specifically, they become much harder to protect and defend. This research develops systematic security mechanisms for real-time embedded systems in critical applications to control what can be observed about them. An important reason why real-time systems are vulnerable is the fact that they are predictable by design, thus leaking critical information. Leakage, say via timing "side channels", might be misused as part of a campaign to disrupt normal operations by knowing the schedule of when critical applications will run. Any mitigations to information leakage must still allow real-time systems to operate within their required timing constraints. This project improves the security of real-time systems using concepts inspired from the area of differential privacy that was developed for database security, where the fundamental concept is to hide personally identifying information from queries on large databases by injecting "noise" in a systematic manner. By analogy for real-time systems, this project focuses on system states at runtime and develops the notion of "schedule indistinguishability" by strategically adding "noise" to the task scheduler, so individual tasks cannot be distinguished separately and cannot be known. The concept of "epsilon-indistinguishability" is developed to measure the probability of information leakage of schedule and timing information by observation of task-level behaviors. A task scheduler that effectively and efficiently uses indistinguishability is designed and prototyped. In addition, the project focuses on developing metrics for real-time systems to measure and assess the risk mitigations of using schedule indistinguishability. The long-term goal of this research is to explore the relationships of "indistinguishability" for cyber-physical systems and their application domains with regard to security, safety, dependability, and resilience.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

现代社会严重依赖在严格的时序要求下运行的系统，例如汽车的发动机控制单元、飞机航空电子设备和导航系统、制造工厂的可编程逻辑控制器、电力部门的工业控制系统以及数百种其他系统。最近自动驾驶汽车、无人机和物联网 (IoT) 的出现进一步扩大了这些“实时系统”的范围。此类设备的局限性，即计算能力小、内存少、电池电量有限，对安全性产生了严重后果，特别是，它们变得更难以保护和防御。这项研究为关键应用中的实时嵌入式系统开发了系统的安全机制，以控制可以观察到的内容。实时系统容易受到攻击的一个重要原因是它们在设计上是可预测的，从而泄露了关键信息。通过定时“侧通道”进行的泄漏可能会被滥用，作为通过了解关键应用程序运行时间表来扰乱正常操作的活动的一部分。 任何对信息泄漏的缓解措施都必须允许实时系统在其所需的时间限制内运行。该项目使用受差异隐私领域启发的概念来提高实时系统的安全性，该领域是为数据库安全而开发的，其基本概念是通过系统地注入“噪声”来隐藏大型数据库查询中的个人识别信息。类比实时系统，该项目关注运行时的系统状态，并通过策略性地向任务调度器添加“噪声”来发展“调度不可区分性”的概念，因此单个任务无法单独区分，也无法得知。提出“epsilon-不可区分性”的概念，通过观察任务级行为来衡量日程和计时信息的信息泄漏概率。设计并制作了一个有效且高效地利用不可区分性的任务调度程序。 此外，该项目的重点是开发实时系统的指标，以衡量和评估使用时间表不可区分性的风险缓解措施。这项研究的长期目标是探索网络物理系统及其应用领域在安全性、可靠性和弹性方面的“不可区分性”关系。该奖项反映了 NSF 的法定使命，被认为是值得的通过使用基金会的智力优势和更广泛的影响审查标准进行评估来提供支持。

项目成果

Towards Efficient Auditing for Real-Time Systems

实现实时系统的高效审计

• 发表时间: 2022-10
• 期刊: European Symposium on Research in Computer Security
• 作者: Bansal; Ayoosh and
• 通讯作者: Ayoosh and

SchedGuard++: Protecting against Schedule Leaks Using Linux Containers on Multi-Core Processors

SchedGuard：在多核处理器上使用 Linux 容器防止计划泄漏

• DOI: 10.1145/3565974
• 发表时间: 2023-01
• 期刊: ACM Transactions on Cyber-Physical Systems
• 影响因子: 2.3
• 作者: Chen, Jiyang;Kloda, Tomasz;Tabish, Rohan;Bansal, Ayoosh;Chen, Chien;Liu, Bo;Mohan, Sibin;Caccamo, Marco;Sha, Lui
• 通讯作者: Sha, Lui

Insights on Using Deep Learning to Spoof Inertial Measurement Units for Stealthy Attacks on UAVs

关于使用深度学习欺骗惯性测量装置对无人机进行隐形攻击的见解

• DOI: 10.1109/milcom55135.2022.10017482
• 发表时间: 2022-11
• 期刊: Military Communications Conference
• 作者: Kim, Kyo Hyun;Kara, Denizkhan;Paruchuri, Vineetha;Mohan, Sibin;Kimberly, Greg;Osipychev, Denis;Kim, Jae H.;Eckhardt, Josh D.;Pajic, Miroslav
• 通讯作者: Pajic, Miroslav