Defending against emerging threats in serverless computing through information flow analysis
Datta, Pubali
Permalink
https://hdl.handle.net/2142/121334
Description
Title
Defending against emerging threats in serverless computing through information flow analysis
Author(s)
Datta, Pubali
Issue Date
2023-07-06
Director of Research (if dissertation) or Advisor (if thesis)
Bates Yuile, Adam
Doctoral Committee Chair(s)
Bates Yuile, Adam
Committee Member(s)
Gunter, Carl
Mittal, Radhika
Enck, William
Department of Study
Computer Science
Discipline
Computer Science
Degree Granting Institution
University of Illinois at Urbana-Champaign
Degree Name
Ph.D.
Degree Level
Dissertation
Keyword(s)
Computer Security
Cloud Computing
Serverless
Information Flow
Abstract
Serverless computing has freed developers from the burden of managing their own platform and infrastructure, allowing them to rapidly prototype and deploy applications. Despite its surging popularity, however, serverless raises a number of concerning security implications. Many such application workflows are based in part on publicly available functions developed by third parties, creating the potential for functions to behave in unexpected, or even malicious, ways. At present, developers are not in total control of where and how their data is flowing, creating significant security and privacy risks. Existing role-based access control solutions are ineffective in protecting serverless flows due to pervasive misconfiguration problems, and the likelihood of policy failures in serverless applications is high because of the multitude of components. Moreover, investigating serverless intrusions is difficult – by decomposing traditional applications into ephemeral re-entrant functions, serverless has enabled attackers to conceal their activities within legitimate workflows, and even prevent root cause analysis by abusing warm container reuse policies to break causal paths.
The focus of this dissertation, therefore, is on designing precise information-flow-based security mechanisms for serverless platforms, leveraging the ephemeral, event-driven and stateless function patterns in serverless web applications. Due to the event-driven nature of serverless, function events and outputs can be reliably bound to an event trigger, thus allowing more accurate information flow tracking, and separating functionality into small re-entrant functions alleviates dependency explosion. This work details three efforts to bring precise flow tracking to serverless cloud applications. We first present the design and implementation of a serverless flow control system in which a workflow-centric perspective on access control effectively mediates serverless application functions, preventing flow violations, especially when compared to the commonly used RBAC (Role-Based Access Control) policies. Next, we propose Alastor, the first auditing framework based on provenance for serverless. Alastor is a function-agnostic provenance framework for attack investigation in serverless environments, enabling investigation of serverless-specific attack strategies. Finally, we present a privilege reduction technique for serverless applications through combined formal policy analysis and static code analysis. Using these systems, we will demonstrate that classical security approaches based on information flow analysis can be effectively adapted to solve security problems in the serverless paradigm, including flow manipulation and data exfiltration.