Monowar Hasan,Sibin Mohan,Rodolfo Pellizzoni,Rakesh B. Bobba

DOI: https://doi.org/10.48550/arXiv.1711.04808

2017-11-14

Abstract:The increased capabilities of modern real-time systems (RTS) expose them to various security threats. Recently, frameworks that integrate security tasks without perturbing the real-time tasks have been proposed, but they only target single core systems. However, modern RTS are migrating towards multicore platforms. This makes the problem of integrating security mechanisms more complex, as designers now have multiple choices for where to allocate the security tasks. In this paper we propose HYDRA, a design space exploration algorithm that finds an allocation of security tasks for multicore RTS using the concept of opportunistic execution. HYDRA allows security tasks to operate with existing real-time tasks without perturbing system parameters or normal execution patterns, while still meeting the desired monitoring frequency for intrusion detection. Our evaluation uses a representative real-time control system (along with synthetic task sets for a broader exploration) to illustrate the efficacy of HYDRA.

Cryptography and Security,Operating Systems

Monowar Hasan,Sibin Mohan,Rodolfo Pellizzoni,Rakesh B. Bobba

DOI: https://doi.org/10.48550/arXiv.1705.00138

2017-05-24

Abstract:Embedded real-time systems (RTS) are pervasive. Many modern RTS are exposed to unknown security flaws, and threats to RTS are growing in both number and sophistication. However, until recently, cyber-security considerations were an afterthought in the design of such systems. Any security mechanisms integrated into RTS must (a) co-exist with the real- time tasks in the system and (b) operate without impacting the timing and safety constraints of the control logic. We introduce Contego, an approach to integrating security tasks into RTS without affecting temporal requirements. Contego is specifically designed for legacy systems, viz., the real-time control systems in which major alterations of the system parameters for constituent tasks is not always feasible. Contego combines the concept of opportunistic execution with hierarchical scheduling to maintain compatibility with legacy systems while still providing flexibility by allowing security tasks to operate in different modes. We also define a metric to measure the effectiveness of such integration. We evaluate Contego using synthetic workloads as well as with an implementation on a realistic embedded platform (an open- source ARM CPU running real-time Linux).

Cryptography and Security,Operating Systems

Da-Wen Huang,Fengji Luo,Jichao Bi,Mingyang Sun

DOI: https://doi.org/10.1109/tifs.2022.3191491

IF: 7.231

2022-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Deploying Intrusion Detection Systems (IDSs) is an essential way to enhance the security of Multi-hop Clustered Wireless Sensor Networks (MCWSNs). The conventional IDS deployment architectural designs show limitations in ensuring the security of MCWSNs due to the limited monitoring range of the nodes. This paper proposes an efficient IDS deployment architecture for MCWSNs. The architecture is a hybrid design, in which the cluster heads and the sink collaboratively act as IDS agents to monitor the entire network and perform intrusion detection. Based on the new architecture, this paper proposes a resource allocation model to optimally allocate resources among the IDS agents so that the network’s security metric can be maximized. A comprehensive analytical framework is proposed to analyze the optimality of the model’s solution, and an efficient computational approach is developed to obtain the optimal resource allocation strategy. Extensive numerical simulation and comparison studies are conducted to validate the proposed method.

Zhuojun Zhuang,Yuan Luo,Minglu Li,Chuliang Weng

DOI: https://doi.org/10.1109/NPC.2008.66

2008-01-01

Abstract:As network becomes faster, there is an emergence need for parallel intrusion detection techniques to keep up with the rapid increase in link speed. Resource scheduling plays a key role in parallel detection schemes. Its primary function is to assist a parallel network-based intrusion detection system (NIDS) to achieve high performance in network environment. In this paper, we introduce an abstract NIDS model and a related new resource scheduling strategy on multi-core platform. This strategy provides a resource configuration scheme by comprehensively considering many performance metrics. Preliminary examples demonstrate the effectiveness of our approach and present a first experimental evaluation.

Wei Jiang,Yue Ma,Nan Sang,Ziguo Zhong

DOI: https://doi.org/10.1016/j.compeleceng.2014.10.002

IF: 4.152

2015-01-01

Computers & Electrical Engineering

Abstract:Widely deployed real-time embedded systems can improve the performance of industrial applications, but these systems also face the critical challenge of providing high quality security in an unpredictable network environment. We measure the time and energy consumptions of commonly used cryptographic algorithms on a real embedded platform and introduce a method to quantify the security risk of real-time applications. We propose a Dynamic Security Risk Management (DSRM) mechanism to manage the aperiodic real-time tasks for networked industrial applications. Inspired by the feedback design philosophy, DSRM is designed as a two-level control mechanism. The upper-level component makes efforts to admit or reject the arrival tasks and assigns the reasonable security level for each admitted task. With three proportional feedback controllers at the lower level, the security level of each ready task can be adjusted adaptively according to the dynamic environments. Simulation results show the superiority of the proposed mechanism.

Monowar Hasan,Ashish Kashinath,Chien-Ying Chen,Sibin Mohan

DOI: https://doi.org/10.1145/3649499

IF: 16.6

2024-02-26

ACM Computing Surveys

Abstract:Security is an increasing concern for real-time systems (RTS). Over the last decade or so, researchers have demonstrated attacks and defenses aimed at such systems. In this paper, we identify , classify and measure the effectiveness of the security research in this domain. We provide a high-level summary [ identification ] and a taxonomy [ classification ] of this existing body of work. Furthermore, we carry out an in-depth analysis [ measurement ] of scheduler-based security techniques — the most common class of real-time security mechanisms. For this purpose, we developed a common metric, “ attacker’s burden ”, used to measure the effectiveness of (existing as well as future) scheduler-based real-time security measures.

computer science, theory & methods

Yue Ma,Wei Jiang,Nan Sang,Ziguo Zhong

DOI: https://doi.org/10.1109/ares.2012.45

2012-01-01

Abstract:Traditional mechanisms for risk control and task scheduling may not be very suitable for security-critical embedded real-time systems under dynamic operation environments. In this paper, we are interested in design of an adaptive risk control and management mechanism of the uniprocessor system for real-time embedded applications. With the purpose of obtaining adaptive capability to reduce system risks without sacrificing soft real-time performance, a two-level feedback scheduling framework was deployed at runtime. The upper-level component automatically monitors the status of the waiting queue, then admits or rejects the input workloads and assigns a reasonable security level for ready tasks. The lower-level scheduling framework can dynamically adjust the security level of ready tasks based on the runtime situation. Simulation results show the superiority of the proposed mechanism, especially the good adaptivity under dynamic system workloads.

Jiankang Ren,Chunxiao Liu,Chi Lin,Wei Jiang,Pengfei Wang,Xiangwei Qi,Simeng Li,Shengyu Li

DOI: https://doi.org/10.1109/tcad.2024.3445260

IF: 2.9

2024-11-09

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Abstract:Embedded real-time systems generally execute in a predictable and deterministic manner to deliver critical functionality within stringent timing constraints. However, the predictable execution behavior leaves the system vulnerable to schedule-based attacks. In this article, we present a multimode security-aware real-time scheduling scheme to counteract schedule-based attacks on multiprocessor real-time systems. To mitigate the vulnerability to the schedule-based attack, we propose a multimode scheduling method to reduce the accumulative attack effective window (AEW) of multiple victim tasks and prevent the untrusted tasks from executing during the AEW by distinctively scheduling mixed-trust tasks according to the system mode. To avoid the protection degradation due to the excessive blocking of untrusted tasks, we introduce a protection window for multiple victims on multiprocessors by analyzing the system protection capability limit under the system schedulability constraint. Furthermore, to maximize the protection capability of the multimode security-aware scheduling strategy on a multiprocessor platform, we also propose a security-aware packing algorithm to balance the workloads of mixed-trust tasks on different processors using a mixed-trust worst-fit decreasing heuristic strategy. The experimental results demonstrate that our proposed approach significantly outperforms the state-of-the-art method. Specifically, the AEW ratio and the AEW untrusted execution time ratio are reduced by 18.8% and 62.8%, respectively, while the defense success rate against ScheduLeak attack is improved by 16.3%.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Yue Ma,Wei Jiang,Nan Sang,Xia Zhang

DOI: https://doi.org/10.1109/ISPA.2012.56

2012-01-01

Abstract:Since the real-time systems are becoming increasingly networked, there are some growing critical challenges of security management and risk control. For the unpredicted and especially unsecured environments, such security-critical distributed real-time embedded systems need to enforce security on multiple nodes in order to against the potential threats as well as satisfying the real-time requirements. Unlike the traditional ad hoc static designing approaches, based on feedback theory, this paper proposes an Adaptive Risk Control and Security Management (ARCSM) mechanism for centralized distributed systems. ARCSM has the ability to guarantee the soft real-time and provide as strong security protection as possible. To meet this requirement, the host server is able to refuse to serve for the deadline missed tasks. In each node, a two-level scheduling framework is designed to implement the feedback control twice. In the first feedback, an appropriate initial security level is assigned for new task. At the runtime, the second feedback can dynamically adjust the ready tasks' security level based on runtime status. Considering features of embedded systems, we measured the energy and time costs of cryptographic algorithms and established a method to quantify the security risk. Moreover, the relationship between time and energy costs analyzed in this paper leaves its significance for the future researches. Experimental results demonstrate that our mechanism can be adaptive to the fluctuation of input workloads and has better performance than open-loop schemes.

Tian Daxin,Xiang Yang

DOI: https://doi.org/10.1109/npc.2008.19

2008-01-01

Abstract:Integrated multi-core processors with on-chip application acceleration have established themselves as the most efficient method of powering next-generation networking platforms. New research has been conducted for addressing the issues of multi-core supported network and system security. This paper put forward an asymmetrical multiprocessing architecture multi-core supported anomaly intrusion detection system. The key idea is to use an independent core to run the intrusion detection system to monitor the host system. The detection method is based on the Hebb rule and uses libpcap to grab the network transmission packages. In the experiments, we use VMware which is configured to run the Ubuntu to simulate the IDS core. The results show that when the intrusion threshold is 0.3-0.5 the system performs best.

Jian Wang,Ying Li

DOI: https://doi.org/10.3390/info12040169

2021-01-01

Information

Abstract:Ensuring the security of IoT devices and chips at runtime has become an urgent task as they have been widely used in human life. Embedded memories are vital components of SoC (System on Chip) in these devices. If they are attacked or incur faults at runtime, it will bring huge losses. In this paper, we propose a run-time detection architecture for memory security (RDAMS) to detect memory threats (fault and Hardware Trojans attack). The architecture consists of a Security Detection Core (SDC) that controls and enforces the detection procedure as a “security brain”, and a memory wrapper (MEM_wrapper) which interacts with memory to assist the detection. We also design a low latency response mechanism to solve the SoC performance degradation caused by run-time detection. A block-based multi-granularity detection approach is proposed to render the design flexible and reduce the cost in implementation using the FPGA’s dynamic partial reconfigurable (DPR) technology, which enables online detection mode reconfiguration according to the requirements. Experimental results show that RDAMS can correctly detect and identify 10 modeled memory faults and two types of Hardware Trojans (HTs) attacks without leading a great performance degradation to the system.

Zhuojun Zhuang,Yuan Luo,Minglu Li,Chuliang Weng

DOI: https://doi.org/10.1109/chinagrid.2008.27

2008-01-01

Abstract:The processing speed of conventional network-based intrusion detection systems (NIDSs) is incompetent as to the rapid increase in network link speed. This problem imposes an emerging need for new detection technologies. In this paper, we introduce a multi-core technique which opens up another way for fast intrusion detection by proper workload partitioning and parallel detection on high-speed link. We present an abstract model of NIDS on multi-core platform and discuss the optimal solution when minimum memory occupation achieves. A preliminary example shows the model configuration and presents a first experimental evaluation.

S. Shukla,Anand Handa,Nitesh Kumar

DOI: https://doi.org/10.1145/3488932.3527289

2022-05-30

Abstract:There are several security tools available to tackle cyber threats, but the sophistication of attacks leads to the failure of defense mechanisms. Among such tools, endpoint security agents are much prominent to safeguard organizations from potential threats. To monitor and investigate systems for unpredictable modifications and proof of tactics, techniques, and procedures (TTP) used by malware writers. In this work, we develop a real-time system behavior monitoring solution. We use three modules - monitoring, analysis, and mapping to counter the threats based on attack patterns. All three modules have their unique mechanism and are interconnected. The monitoring agent is developed for the Windows platform using the C++ programming language, which captures Windows kernel-level system events in a multi-threaded form. It captures critical information such as - network activity, registry, file, accessed paths, processes, etc. The monitoring agent ships the collected events to the analysis module. In the analysis module, we perform analysis in three phases: rule-based, machine learning (ML)-based, and risk-assessment. Rule-based mechanism finds the Indicator of Compromises (IoCs) from the system events related to exploits, web shell, malicious documents, etc. The ML-based analysis gives an overall understanding of normal vs. suspicious behavior. The risk-assessment analysis uses rule-based and ML-based analysis outputs, to provide the risk-score based on the number of IoCs detected and the suspicious behavior predicted. In the mapping phase, we offer an interactive dashboard to the end-user for visualizing all the activities and the analysis outcomes like running processes, suspicious processes, network activities, port accessed, suspicious paths accessed by a single process, etc., using Kibana. The designed tool monitors the system events in near real-time and reports any suspicious activity that helps in mitigating the threats posed to the user. Hence, it acts as a comprehensive security solution with multi-dimensional capabilities.

Computer Science

Nishanth Shankaran,Xenofon D. Koutsoukos,Douglas C. Schmidt,Yuan Xue,Chenyang Lu

DOI: https://doi.org/10.1007/s11241-007-9014-5

2007-04-06

Abstract:AbstractReal-time and embedded systems have traditionally been designed for closed environments where operating conditions, input workloads, and resource availability are known a priori, and are subject to little or no change at runtime. There is increasing demand, however, for adaptive capabilities in distributed real-time and embedded (DRE) systems that execute in open environments where system operational conditions, input workload, and resource availability cannot be characterized accurately a priori. A challenging problem faced by researchers and developers of such systems is devising effective adaptive resource management strategies that can meet end-to-end quality of service (QoS) requirements of applications. To address key resource management challenges of open DRE systems, this paper presents the Hierarchical Distributed Resource-management Architecture (HiDRA), which provides adaptive resource management using control techniques that adapt to workload fluctuations and resource availability for both bandwidth and processor utilization simultaneously.This paper presents three contributions to research in adaptive resource management for DRE systems. First, we describe the structure and functionality of HiDRA. Second, we present an analytical model of HiDRA that formalizes its control-theoretic behavior and presents analytical assurance of system performance. Third, we evaluate the performance of HiDRA via experiments on a representative DRE system that performs real-time distributed target tracking. Our analytical and empirical results indicate that HiDRA yields predictable, stable, and efficient system performance, even in the face of changing workload and resource availability.

computer science, theory & methods

Arkaprava Sain,Sunandan Adhikary,Ipsita Koley,Soumyajit Dey

2024-08-01

Abstract:Modern Cyber-Physical Systems (CPSs) consist of numerous control units interconnected by communication networks. Each control unit executes multiple safety-critical and non-critical tasks in real-time. Most of the safety-critical tasks are executed with a fixed sampling period to ensure deterministic timing behaviour that helps in its safety and performance analysis. However, adversaries can exploit this deterministic behaviour of safety-critical tasks to launch inference-based-based attacks on them. This paper aims to prevent and minimize the possibility of such timing inference or schedule-based attacks to compromise the control units. This is done by switching between strategically chosen execution rates of the safety-critical control tasks such that their performance remains unhampered. Thereafter, we present a novel schedule vulnerability analysis methodology to switch between valid schedules generated for these multiple periodicities of the control tasks in run time. Utilizing these strategies, we introduce a novel Multi-Rate Attack-Aware Randomized Scheduling (MAARS) framework for preemptive fixed-priority schedulers that minimize the success rate of timing-inference-based attacks on safety-critical real-time systems. To our knowledge, this is the first work to propose a schedule randomization method with attack awareness that preserves both the control and scheduling aspects. The efficacy of the framework in terms of attack prevention is finally evaluated on several automotive benchmarks in a Hardware-in-loop (HiL) environment.

Systems and Control,Cryptography and Security,Operating Systems

Ronny Chevalier,Maugan Villatel,David Plaquin,Guillaume Hiet

DOI: https://doi.org/10.1145/3134600.3134622

2018-03-07

Abstract:Highly privileged software, such as firmware, is an attractive target for attackers. Thus, BIOS vendors use cryptographic signatures to ensure firmware integrity at boot time. Nevertheless, such protection does not prevent an attacker from exploiting vulnerabilities at runtime. To detect such attacks, we propose an event-based behavior monitoring approach that relies on an isolated co-processor. We instrument the code executed on the main CPU to send information about its behavior to the monitor. This information helps to resolve the semantic gap issue. Our approach does not depend on a specific model of the behavior nor on a specific target. We apply this approach to detect attacks targeting the System Management Mode (SMM), a highly privileged x86 execution mode executing firmware code at runtime. We model the behavior of SMM using invariants of its control-flow and relevant CPU registers (CR3 and SMBASE). We instrument two open-source firmware implementations: EDK II and coreboot. We evaluate the ability of our approach to detect state-of-the-art attacks and its runtime execution overhead by simulating an x86 system coupled with an ARM Cortex A5 co-processor. The results show that our solution detects intrusions from the state of the art, without any false positives, while remaining acceptable in terms of performance overhead in the context of the SMM (i.e., less than the 150 $\mu$s threshold defined by Intel).

Cryptography and Security

Chien-Ying Chen,AmirEmad Ghassami,Sibin Mohan,Negar Kiyavash,Rakesh B. Bobba,Rodolfo Pellizzoni,Man-Ki Yoon

DOI: https://doi.org/10.48550/arXiv.1705.02561

2017-05-07

Abstract:In real-time embedded systems (RTS), failures due to security breaches can cause serious damage to the system, the environment and/or injury to humans. Therefore, it is very important to understand the potential threats and attacks against these systems. In this paper we present a novel reconnaissance attack that extracts the exact schedule of real-time systems designed using fixed priority scheduling algorithms. The attack is demonstrated on both a real hardware platform and a simulator, with a high success rate. Our evaluation results show that the algorithm is robust even in the presence of execution time variation.

Cryptography and Security,Operating Systems

Ziqian Wan,Gang Liang,Tao Li

DOI: https://doi.org/10.4304/jnw.7.9.1327-1333

2012-01-01

Journal of Networks

Abstract:It is becoming increasingly hard to build an intrusion detection system (IDS), because of the higher traffic throughput and the rising sophistication of attacking. Scale will be an important issue to address in the intrusion detection area. For hardware, tomorrow’s performance gains will come from multi-core architectures in which a number of CPU executes concurrently. We take the advantage of multi-core processors’ full power for intrusion detection in this work. We present an intrusion detection system based on the Snort open-source IDS that exploits the computational power of MIPS multi-core architecture to offload the costly pattern matching operations from the CPU, and thus increase the system’s processing throughput. A preliminary experiment demonstrates the potential of this system. The experiment results indicate that this method can be used effectively to speed up intrusion detection systems.

Jinping Liu,Wuxia Zhang,Tianyu Ma,Zhaohui Tang,Yongfang Xie,Weihua Gui,Jean Paul Niyoyita

DOI: https://doi.org/10.1016/j.eswa.2020.113578

IF: 8.5

2020-11-01

Expert Systems with Applications

Abstract:<p>Industrial Cyber-physical systems (ICPSs), integrating communication, computation and control of industrial processes are referred to as a core technology to approach the <em>Industry 4.0</em>. Ensuring the ICPS security is of paramount importance in smart manufacturing. Considering the characteristics of large-scale, geographically-dispersed and multi-dimensional heterogeneous, federated and life-critical natures of ICPSs, this paper investigates a hierarchically distributed intrusion detection scheme that seeks to achieve the all-round safety protection of ICPSs according to the system structure and attacking types of each ICPS layer. For physical system-relevant perceptual executive layer, potential and covert attacks are detected by the clustered sensory system state residual anomaly monitoring based on a process noise and measurement noise-adaptive Kalman filter (PNMN-AKF). PNMN-AKF can perform a joint recursive estimation of dynamic system states, time-varying process and measurement noise covariance matrices by the variational Bayes approximation framework. In cyberspace, potential cyber-attacks are detected by the anomaly monitoring of the statistical distribution of the network transmission characteristics of data transmission layer by introducing a forgetting factor-induced recursive Gaussian mixture model (FF-RGMM). In the application control layer, a regularized sparse deep belief network model is introduced to characterize the misuse behavior for detecting potential attacks. Extensive validation and comparative experiments have been conducted on a numerical simulation system and a comprehensive ICPS simulation platform by using OPNET and a commonly-used benchmark simplified Tennessee Eastman process (STEP) based on Matlab/Simulink. Experimental results demonstrate that the proposed hierarchically distributed intrusion detection method can efficiently recognize potential and covert cyber-attacks in each ICPSs link with low false alarm rate and missing detection rate, which lays a foundation for the overall security monitoring of ICPSs.</p>

computer science, artificial intelligence,engineering, electrical & electronic,operations research & management science

Michael Bechtel,Heechul Yun

2024-04-09

Abstract:In this paper, we present a solution to the industrial challenge put forth by ARM in 2022. We systematically analyze the effect of shared resource contention to an augmented reality head-up display (AR-HUD) case-study application of the industrial challenge on a heterogeneous multicore platform, NVIDIA Jetson Nano. We configure the AR-HUD application such that it can process incoming image frames in real-time at 20Hz on the platform. We use Microarchitectural Denial-of-Service (DoS) attacks as aggressor workloads of the challenge and show that they can dramatically impact the latency and accuracy of the AR-HUD application. This results in significant deviations of the estimated trajectories from known ground truths, despite our best effort to mitigate their influence by using cache partitioning and real-time scheduling of the AR-HUD application. To address the challenge, we propose RT-Gang++, a partitioned real-time gang scheduling framework with last-level cache (LLC) and integrated GPU bandwidth throttling capabilities. By applying RT-Gang++, we are able to achieve desired level of performance of the AR-HUD application even in the presence of fully loaded aggressor tasks.

Performance