University of Illinois Urbana-Champaign

Efficient system auditing for real-time systems

Kandikuppa, Anant

Permalink

https://hdl.handle.net/2142/110522

Description

Title
Efficient system auditing for real-time systems
Author(s)
Kandikuppa, Anant
Issue Date
2021-04-23
Director of Research (if dissertation) or Advisor (if thesis)
Bates, Adam
Department of Study
Computer Science
Discipline
Computer Science
Degree Granting Institution
University of Illinois at Urbana-Champaign
Degree Name
M.S.
Degree Level
Thesis
Keyword(s)
  • Real-time systems
  • Computer Security
Abstract
Auditing is a powerful tool that provides machine operators with the mechanisms to observe, and glean insights from, generic computing systems. The information obtained by auditing systems can be used to detect and explain suspicious activity, from fault/error diagnosis to intrusion detection and forensics after security incidents. While such mechanisms would be beneficial for Real-Time Systems (RTS), existing audit frameworks are rarely designed for this domain. If audit mechanisms are not carefully integrated into real-time operating systems, they can negatively impact the temporal constraints of RTS. In this paper, we demonstrate how to apply commodity audit frameworks to real-time systems. We design novel kernel-based reduction techniques that leverage the periodic, repetitive, nature of real-time (RT) applications to aggressively reduce the costs/overheads of a system-level auditing, viz. Linux Audit (a popular open source audit framework). This is coupled with a rigorous analysis to understand the conflicts between the temporal requirements of RT applications and the audit subsystem. Our approach, Ellipsis, generates succinct behaviors of RT application and retains a lossless record of process activity, enabling analysis/detection of unexpected activity while meeting temporal constraints. Our evaluation of Ellipsis, using ArduPilot (an open-source autopilot application suite) and synthetically generated tasksets, demonstrates up to 93% reduction in audit event generation.
Graduation Semester
2021-05
Type of Resource
Thesis
Permalink
http://hdl.handle.net/2142/110522
Copyright and License Information
Copyright 2021 Anant Kandikuppa

Owning Collections

Graduate Dissertations and Theses at Illinois PRIMARY
Graduate Theses and Dissertations at Illinois
Dissertations and Theses - Computer Science
Dissertations and Theses from the Dept. of Computer Science