عنوان

T-Pack, Timed Network Security in Real Time System

Number

TLpq2491966687

.Language of Text, Soundtrack etc

انگلیسی

Title Proper

T-Pack, Timed Network Security in Real Time System

General Material Designation

[Thesis]

First Statement of Responsibility

Mittal, Swastik

Subsequent Statement of Responsibility

Yu, Ruozhou

Name of Publisher, Distributor, etc.

North Carolina State University

Date of Publication, Distribution, etc.

2020

Specific Material Designation and Extent of Item

48

Dissertation or thesis details and type of degree

M.Sc.

Body granting the degree

North Carolina State University

Text preceding or following the note

2020

Text of Note

Real-time systems are widely deployed as cyber-physical systems to control physical processes with timing requirements in a networked environment, i.e., as distributed systems. Purpose of realization as a distributed system ranges from providing fault tolerance, remote monitoring, coordination with other distributed control processes to data processing of networked sensors and actuators. Exposure to network communication between real-time control systems raises system vulnerability to malware attacks over the network, e.g., man-in-the-middle attacks, data corruption, denial of service and eavesdropping. Such attacks require code injection of malware into the system, which results in alteration not only of system behavior via hijacked execution control but also incurs timing dilation to plant the injected code or, in case of network attacks, to drop, add, reroute, or modify packets before they reach their target. This work proposes to use the time overhead added by such cyber attacks to detect malware intrusion in cyber-physical real-time systems. A new method of timed packet protection, T-Pack, analyzes end-to-end transmission times of packets and detects a compromised system or network based on deviation of observed time from the expected time.Malware intrusion detection is demonstrated by observing timing constraints with and without a compromised network. First, a custom header is introduced to each packet to store timing information calculated to reflect end-to-end transmission times. Second, real-time application scenarios are analyzed in terms of their susceptibility to malware attacks. Results are evaluated on a distributed system of embedded platforms running a Preempt RT Linux kernel to demonstrate the real-time capability of our work.

Computer science

Mittal, Swastik

Yu, Ruozhou

Electronic name

p

[Thesis]

276903

a

Y