A Container-based DoS Attack-Resilient Control Framework for Real-Time UAV Systems

Jiyang Chen; Zhiwei Feng; Jen Yang Wen; Bo Liu; Lui Sha

doi:10.23919/DATE.2019.8714888

A Container-based DoS Attack-Resilient Control Framework for Real-Time UAV Systems

Jiyang Chen, Zhiwei Feng, Jen Yang Wen, Bo Liu, Lui Sha

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The Unmanned aerial vehicles (UAVs) sector is fast-expanding. Protection of real-time UAV applications against malicious attacks has become an urgent problem that needs to be solved. Denial-of-service (DoS) attack aims to exhaust system resources and cause important tasks to miss deadlines. DoS attack may be one of the common problems of UAV systems, due to its simple implementation. In this paper, we present a software framework that offers DoS attack-resilient control for real-time UAV systems using containers: ContainerDrone. The framework provides defense mechanisms for three critical system resources: CPU, memory, and communication channel. We restrict attacker's access to CPU core set and utilization. Memory bandwidth throttling limits attacker's memory usage. By simulating sensors and drivers in the container, a security monitor constantly checks DoS attacks over communication channels. Upon the detection of a security rule violation, the framework switches to the safety controller to mitigate the attack. We implemented a prototype quadcopter with commercially off-the-shelf (COTS) hardware and open-source software. Our experimental results demonstrated the effectiveness of the proposed framework defending against various DoS attacks.

Original language	English (US)
Title of host publication	Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	1222-1227
Number of pages	6
ISBN (Electronic)	9783981926323
DOIs	https://doi.org/10.23919/DATE.2019.8714888
State	Published - May 14 2019
Event	22nd Design, Automation and Test in Europe Conference and Exhibition, DATE 2019 - Florence, Italy Duration: Mar 25 2019 → Mar 29 2019

Publication series

Name	Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019

Conference

Conference	22nd Design, Automation and Test in Europe Conference and Exhibition, DATE 2019
Country/Territory	Italy
City	Florence
Period	3/25/19 → 3/29/19

Keywords

Cyber Physical System
Denial of Service attack
Linux Container
Real-time System
Security
Simplex
Unmanned Aerial Vehicle Systems

ASJC Scopus subject areas

Hardware and Architecture
Electrical and Electronic Engineering
Safety, Risk, Reliability and Quality
Control and Optimization

Online availability

10.23919/DATE.2019.8714888

Library availability

Discover UIUC Full Text

Cite this

Chen, J., Feng, Z., Wen, J. Y., Liu, B., & Sha, L. (2019). A Container-based DoS Attack-Resilient Control Framework for Real-Time UAV Systems. In Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019 (pp. 1222-1227). Article 8714888 (Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.23919/DATE.2019.8714888

A Container-based DoS Attack-Resilient Control Framework for Real-Time UAV Systems. / Chen, Jiyang; Feng, Zhiwei; Wen, Jen Yang et al.
Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019. Institute of Electrical and Electronics Engineers Inc., 2019. p. 1222-1227 8714888 (Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Chen, J, Feng, Z, Wen, JY, Liu, B & Sha, L 2019, A Container-based DoS Attack-Resilient Control Framework for Real-Time UAV Systems. in Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019., 8714888, Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019, Institute of Electrical and Electronics Engineers Inc., pp. 1222-1227, 22nd Design, Automation and Test in Europe Conference and Exhibition, DATE 2019, Florence, Italy, 3/25/19. https://doi.org/10.23919/DATE.2019.8714888

Chen J, Feng Z, Wen JY, Liu B, Sha L. A Container-based DoS Attack-Resilient Control Framework for Real-Time UAV Systems. In Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019. Institute of Electrical and Electronics Engineers Inc. 2019. p. 1222-1227. 8714888. (Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019). doi: 10.23919/DATE.2019.8714888

Chen, Jiyang ; Feng, Zhiwei ; Wen, Jen Yang et al. / A Container-based DoS Attack-Resilient Control Framework for Real-Time UAV Systems. Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019. Institute of Electrical and Electronics Engineers Inc., 2019. pp. 1222-1227 (Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019).

@inproceedings{1266d65854af4b30a9409fefbcbb3664,

title = "A Container-based DoS Attack-Resilient Control Framework for Real-Time UAV Systems",

abstract = "The Unmanned aerial vehicles (UAVs) sector is fast-expanding. Protection of real-time UAV applications against malicious attacks has become an urgent problem that needs to be solved. Denial-of-service (DoS) attack aims to exhaust system resources and cause important tasks to miss deadlines. DoS attack may be one of the common problems of UAV systems, due to its simple implementation. In this paper, we present a software framework that offers DoS attack-resilient control for real-time UAV systems using containers: ContainerDrone. The framework provides defense mechanisms for three critical system resources: CPU, memory, and communication channel. We restrict attacker's access to CPU core set and utilization. Memory bandwidth throttling limits attacker's memory usage. By simulating sensors and drivers in the container, a security monitor constantly checks DoS attacks over communication channels. Upon the detection of a security rule violation, the framework switches to the safety controller to mitigate the attack. We implemented a prototype quadcopter with commercially off-the-shelf (COTS) hardware and open-source software. Our experimental results demonstrated the effectiveness of the proposed framework defending against various DoS attacks.",

keywords = "Cyber Physical System, Denial of Service attack, Linux Container, Real-time System, Security, Simplex, Unmanned Aerial Vehicle Systems",

author = "Jiyang Chen and Zhiwei Feng and Wen, {Jen Yang} and Bo Liu and Lui Sha",

note = "Publisher Copyright: {\textcopyright} 2019 EDAA.; 22nd Design, Automation and Test in Europe Conference and Exhibition, DATE 2019 ; Conference date: 25-03-2019 Through 29-03-2019",

year = "2019",

month = may,

day = "14",

doi = "10.23919/DATE.2019.8714888",

language = "English (US)",

series = "Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "1222--1227",

booktitle = "Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019",

address = "United States",

}

TY - GEN

T1 - A Container-based DoS Attack-Resilient Control Framework for Real-Time UAV Systems

AU - Chen, Jiyang

AU - Feng, Zhiwei

AU - Wen, Jen Yang

AU - Liu, Bo

AU - Sha, Lui

PY - 2019/5/14

Y1 - 2019/5/14

N2 - The Unmanned aerial vehicles (UAVs) sector is fast-expanding. Protection of real-time UAV applications against malicious attacks has become an urgent problem that needs to be solved. Denial-of-service (DoS) attack aims to exhaust system resources and cause important tasks to miss deadlines. DoS attack may be one of the common problems of UAV systems, due to its simple implementation. In this paper, we present a software framework that offers DoS attack-resilient control for real-time UAV systems using containers: ContainerDrone. The framework provides defense mechanisms for three critical system resources: CPU, memory, and communication channel. We restrict attacker's access to CPU core set and utilization. Memory bandwidth throttling limits attacker's memory usage. By simulating sensors and drivers in the container, a security monitor constantly checks DoS attacks over communication channels. Upon the detection of a security rule violation, the framework switches to the safety controller to mitigate the attack. We implemented a prototype quadcopter with commercially off-the-shelf (COTS) hardware and open-source software. Our experimental results demonstrated the effectiveness of the proposed framework defending against various DoS attacks.

AB - The Unmanned aerial vehicles (UAVs) sector is fast-expanding. Protection of real-time UAV applications against malicious attacks has become an urgent problem that needs to be solved. Denial-of-service (DoS) attack aims to exhaust system resources and cause important tasks to miss deadlines. DoS attack may be one of the common problems of UAV systems, due to its simple implementation. In this paper, we present a software framework that offers DoS attack-resilient control for real-time UAV systems using containers: ContainerDrone. The framework provides defense mechanisms for three critical system resources: CPU, memory, and communication channel. We restrict attacker's access to CPU core set and utilization. Memory bandwidth throttling limits attacker's memory usage. By simulating sensors and drivers in the container, a security monitor constantly checks DoS attacks over communication channels. Upon the detection of a security rule violation, the framework switches to the safety controller to mitigate the attack. We implemented a prototype quadcopter with commercially off-the-shelf (COTS) hardware and open-source software. Our experimental results demonstrated the effectiveness of the proposed framework defending against various DoS attacks.

KW - Cyber Physical System

KW - Denial of Service attack

KW - Linux Container

KW - Real-time System

KW - Security

KW - Simplex

KW - Unmanned Aerial Vehicle Systems

UR - http://www.scopus.com/inward/record.url?scp=85066629863&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85066629863&partnerID=8YFLogxK

U2 - 10.23919/DATE.2019.8714888

DO - 10.23919/DATE.2019.8714888

M3 - Conference contribution

AN - SCOPUS:85066629863

T3 - Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019

SP - 1222

EP - 1227

BT - Proceedings of the 2019 Design, Automation and Test in Europe Conference and Exhibition, DATE 2019

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 22nd Design, Automation and Test in Europe Conference and Exhibition, DATE 2019

Y2 - 25 March 2019 through 29 March 2019

ER -

A Container-based DoS Attack-Resilient Control Framework for Real-Time UAV Systems

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this