Mitigating timing based information leakage in shared schedulers

Sachin Kadloor, Negar Kiyavash, Parv Venkitasubramaniam

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In this work, we study information leakage in timing side channels that arise in the context of shared event schedulers. Consider two processes, one of them an innocuous process (referred to as Alice) and the other a malicious one (referred to as Bob), using a common scheduler to process their jobs. Based on when his jobs get processed, Bob wishes to learn about the pattern (size and timing) of jobs of Alice. Depending on the context, knowledge of this pattern could have serious implications on Alice's privacy and security. For instance, shared routers can reveal traffic patterns, shared memory access can reveal cloud usage patterns, and suchlike. We present a formal framework to study the information leakage in shared resource schedulers using the pattern estimation error as a performance metric. In this framework, a uniform upper bound is derived to benchmark different scheduling policies. The first-come-first-serve scheduling policy is analyzed, and shown to leak significant information when the scheduler is loaded heavily. To mitigate the timing information leakage, we propose an "Accumulate-and-Serve" policy which trades in privacy for a higher delay. The policy is analyzed under the proposed framework and is shown to leak minimum information to the attacker, and is shown to have comparatively lower delay than a fixed scheduler that preemptively assigns service times irrespective of traffic patterns.

Original languageEnglish (US)
Title of host publication2012 Proceedings IEEE INFOCOM, INFOCOM 2012
Pages1044-1052
Number of pages9
DOIs
StatePublished - Jun 4 2012
EventIEEE Conference on Computer Communications, INFOCOM 2012 - Orlando, FL, United States
Duration: Mar 25 2012Mar 30 2012

Publication series

NameProceedings - IEEE INFOCOM
ISSN (Print)0743-166X

Other

OtherIEEE Conference on Computer Communications, INFOCOM 2012
CountryUnited States
CityOrlando, FL
Period3/25/123/30/12

ASJC Scopus subject areas

  • Computer Science(all)
  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'Mitigating timing based information leakage in shared schedulers'. Together they form a unique fingerprint.

Cite this