A. James Clark School of Engineering
Permanent URI for this communityhttp://hdl.handle.net/1903/1654
The collections in this community comprise faculty research works, as well as graduate theses and dissertations.
Browse
7 results
Search Results
Item TACKLING PERFORMANCE AND SECURITY ISSUES FOR CLOUD STORAGE SYSTEMS(2022) Kang, Luyi; Jacob, Burce; Electrical Engineering; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)Building data-intensive applications and emerging computing paradigm (e.g., Machine Learning (ML), Artificial Intelligence (AI), Internet of Things (IoT) in cloud computing environments is becoming a norm, given the many advantages in scalability, reliability, security and performance. However, under rapid changes in applications, system middleware and underlying storage device, service providers are facing new challenges to deliver performance and security isolation in the context of shared resources among multiple tenants. The gap between the decades-old storage abstraction and modern storage device keeps widening, calling for software/hardware co-designs to approach more effective performance and security protocols. This dissertation rethinks the storage subsystem from device-level to system-level and proposes new designs at different levels to tackle performance and security issues for cloud storage systems. In the first part, we present an event-based SSD (Solid State Drive) simulator that models modern protocols, firmware and storage backend in detail. The proposed simulator can capture the nuances of SSD internal states under various I/O workloads, which help researchers understand the impact of various SSD designs and workload characteristics on end-to-end performance. In the second part, we study the security challenges of shared in-storage computing infrastructures. Many cloud providers offer isolation at multiple levels to secure data and instance, however, security measures in emerging in-storage computing infrastructures are not studied. We first investigate the attacks that could be conducted by offloaded in-storage programs in a multi-tenancy cloud environment. To defend against these attacks, we build a lightweight Trusted Execution Environment, IceClave to enable security isolation between in-storage programs and internal flash management functions. We show that while enforcing security isolation in the SSD controller with minimal hardware cost, IceClave still keeps the performance benefit of in-storage computing by delivering up to 2.4x better performance than the conventional host-based trusted computing approach. In the third part, we investigate the performance interference problem caused by other tenants' I/O flows. We demonstrate that I/O resource sharing can often lead to performance degradation and instability. The block device abstraction fails to expose SSD parallelism and pass application requirements. To this end, we propose a software/hardware co-design to enforce performance isolation by bridging the semantic gap. Our design can significantly improve QoS (Quality of Service) by reducing throughput penalties and tail latency spikes. Lastly, we explore more effective I/O control to address contention in the storage software stack. We illustrate that the state-of-the-art resource control mechanism, Linux cgroups is insufficient for controlling I/O resources. Inappropriate cgroup configurations may even hurt the performance of co-located workloads under memory intensive scenarios. We add kernel support for limiting page cache usage per cgroup and achieving I/O proportionality.Item Security and Trust in Distributed Computation(2015) Liu, Xiangyang; Baras, John S; Electrical Engineering; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)We propose three research problems to explore the relations between trust and security in the setting of distributed computation. In the first problem, we study trust-based adversary detection in distributed consensus computation. The adversaries we consider behave arbitrarily disobeying the consensus protocol. We propose a trust-based consensus algorithm with local and global trust evaluations. The algorithm can be abstracted using a two-layer structure with the top layer running a trust-based consensus algorithm and the bottom layer as a subroutine executing a global trust update scheme. We utilize a set of pre-trusted nodes, headers, to propagate local trust opinions throughout the network. This two-layer framework is flexible in that it can be easily extensible to contain more complicated decision rules, and global trust schemes. The first problem assumes that normal nodes are homogeneous, i.e. it is guaranteed that a normal node always behaves as it is programmed. In the second and third problems however, we assume that nodes are heterogeneous, i.e, given a task, the probability that a node generates a correct answer varies from node to node. The adversaries considered in these two problems are workers from the open crowd who are either investing little efforts in the tasks assigned to them or intentionally give wrong answers to questions. In the second part of the thesis, we consider a typical crowdsourcing task that aggregates input from multiple workers as a problem in information fusion. To cope with the issue of noisy and sometimes malicious input from workers, trust is used to model workers' expertise. In a multi-domain knowledge learning task, however, using scalar-valued trust to model a worker's performance is not sufficient to reflect the worker's trustworthiness in each of the domains. To address this issue, we propose a probabilistic model to jointly infer multi-dimensional trust of workers, multi-domain properties of questions, and true labels of questions. Our model is very flexible and extensible to incorporate metadata associated with questions. To show that, we further propose two extended models, one of which handles input tasks with real-valued features and the other handles tasks with text features by incorporating topic models. Our models can effectively recover trust vectors of workers, which can be very useful in task assignment adaptive to workers' trust in the future. These results can be applied for fusion of information from multiple data sources like sensors, human input, machine learning results, or a hybrid of them. In the second subproblem, we address crowdsourcing with adversaries under logical constraints. We observe that questions are often not independent in real life applications. Instead, there are logical relations between them. Similarly, workers that provide answers are not independent of each other either. Answers given by workers with similar attributes tend to be correlated. Therefore, we propose a novel unified graphical model consisting of two layers. The top layer encodes domain knowledge which allows users to express logical relations using first-order logic rules and the bottom layer encodes a traditional crowdsourcing graphical model. Our model can be seen as a generalized probabilistic soft logic framework that encodes both logical relations and probabilistic dependencies. To solve the collective inference problem efficiently, we have devised a scalable joint inference algorithm based on the alternating direction method of multipliers. The third part of the thesis considers the problem of optimal assignment under budget constraints when workers are unreliable and sometimes malicious. In a real crowdsourcing market, each answer obtained from a worker incurs cost. The cost is associated with both the level of trustworthiness of workers and the difficulty of tasks. Typically, access to expert-level (more trustworthy) workers is more expensive than to average crowd and completion of a challenging task is more costly than a click-away question. In this problem, we address the problem of optimal assignment of heterogeneous tasks to workers of varying trust levels with budget constraints. Specifically, we design a trust-aware task allocation algorithm that takes as inputs the estimated trust of workers and pre-set budget, and outputs the optimal assignment of tasks to workers. We derive the bound of total error probability that relates to budget, trustworthiness of crowds, and costs of obtaining labels from crowds naturally. Higher budget, more trustworthy crowds, and less costly jobs result in a lower theoretical bound. Our allocation scheme does not depend on the specific design of the trust evaluation component. Therefore, it can be combined with generic trust evaluation algorithms.Item A Group-Based Ring Oscillator Physical Unclonable Function(2012) Yin, Chi-En; Qu, Gang; Electrical Engineering; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)Silicon Physical Unclonable Function (PUF) is a physical structure of the chip which has functional characteristics that are hard to predict before fabrication but are expected to be unique after fabrication. This is caused by the random fabrication variations. The secret characteristics can only be extracted through physical measurement and will vanish immediately when the chip is powered down. PUF promises a securer means for cryptographic key generation and storage among many other security applications. However, there are still many practical challenges to cost effectively build secure and reliable PUF secrecy. This dissertation proposes new architectures for ring oscillator (RO) PUFs to answer these challenges. First, our temperature-aware cooperative (TAC) RO PUF can utilize certain ROs that were otherwise discarded due to their instability. Second, our novel group-based algorithm can generate secrecy higher than the theoretical upper bound of the conventional pairwise comparisons approach. Third, we build the first regression-based entropy distiller that can turn the PUF secrecy statistically random and robust, meeting the NIST standards. Fourth, we develop a unique Kendall syndrome coding (KSC) that makes the PUF secrecy error resilient against potential environmental fluctuations. Each of these methods can improve the hardware efficiency of the RO PUF implementation by 1.5X to 8X while improving the security and reliability of the PUF secrecy.Item EXTRINSIC CHANNEL-LIKE FINGERPRINT EMBEDDING FOR TRANSMITTER AUTHENTICATION IN WIRELESS SYSTEMS(2011) Goergen, Nathan Scott; Liu, K.J.Ray; Electrical Engineering; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)We present a physical-layer fingerprint-embedding scheme for wireless signals, focusing on multiple input multiple output (MIMO) and orthogonal frequency division multiplexing (OFDM) transmissions, where the fingerprint signal conveys a low capacity communication suitable for authenticating the transmission and further facilitating secure communications. Our system strives to embed the fingerprint message into the noise subspace of the channel estimates obtained by the receiver, using a number of signal spreading techniques. When side information of channel state is known and leveraged by the transmitter, the performance of the fingerprint embedding can be improved. When channel state information is not known, blind spreading techniques are applied. The fingerprint message is only visible to aware receivers who explicitly preform detection of the signal, but is invisible to receivers employing typical channel equalization. A taxonomy of overlay designs is discussed and these designs are explored through experiment using time-varying channel-state information (CSI) recorded from IEEE802.16e Mobile WiMax base stations. The performance of the fingerprint signal as received by a WiMax subscriber is demonstrated using CSI measurements derived from the downlink signal. Detection performance for the digital fingerprint message in time-varying channel conditions is also presented via simulation.Item Preventing Buffer Overflows with Binary Rewriting(2010) O'Sullivan, Padraig; Barua, Rajeev; Electrical Engineering; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)Buffer overflows are the single largest cause of security attacks in recent times. Attacks based on this vulnerability have been the subject of extensive research and a significant number of defenses have been proposed for dealing with attacks of this nature. However, despite this extensive research, buffer overflows continue to be exploited due to the fact that many defenses proposed in prior research provide only partial coverage and attackers have adopted to exploit problems that are not well defended. The fact that many legacy binaries are still deployed in production environments also contributes to the success of buffer overflow attacks since most, if not all, buffer overflow defenses are source level defenses which require an application to be re-compiled. For many legacy applications, this may not be possible since the source code may no longer be available. In this thesis, we present an implementation of a defense mechanism for defending against various attack forms due to buffer overflows using binary rewriting. We study various attacks that happen in the real world and present techniques that can be employed within a binary rewriter to protect a binary from these attacks. Binary rewriting is a nascent field and little research has been done regarding the applications of binary rewriting. In particular, there is great potential for applications of binary rewriting in software security. With a binary rewriter, a vulnerable application can be immediately secured without the need for access to it's source code which allows legacy binaries to be secured. Also, numerous attacks on application software assume that application binaries are laid out in certain ways or have certain characteristics. Our defense scheme implemented using binary rewriting technology can prevent many of these attacks. We demonstrate the effectiveness of our scheme in preventing many different attack forms based on buffer overflows on both synthetic benchmarks and real-world attacks.Item Design Space Exploration for Energy-Efficient Secure Sensor Network(IEEE, 2002-07) Yuan, Lin; Qu, GangWe consider two of the most important design issues for distributed sensor networks in the battlefield: security for communication in such hostile terrain; and energy efficiency because of battery’s limited capacity and the impracticality of recharging. Communication security is normally provided by encryption, i.e., data are encrypted before transmission and will be decrypted first on reception. We exploit the secure sensor network design space for energy efficiency by investigating different microprocessors coupled with various public key algorithms. We propose a power control mechanism for sensors to operate at an energy-efficient fashion using the newly developed dynamical voltage scaling (DVS) technique. In particular, we consider multiple voltage processors and insert additional information into the communication channel to guide the selection of proper voltages for data decryption/encryption and processing in order to reduce the total computational energy consumption. We experiment several encryption standards on a broad range of embedded processors and simulate the behavior of the sensor network to show that the sensor’s lifetime can be extended substantially.Item Private Communications with Chaotic Code Division Multiple Access: Performance Analysis and System Design(2004-08-04) Hwang, Yeong-Sun; Papadopoulos, Haralabos C; Electrical Engineering; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)In this dissertation we develop a class of pseudochaotic direct-sequence code division multiple access (DS/CDMA) systems that can provide private and reliable communication over wireless channels. These systems exploit the sensitive dependence of chaotic sequences on initial conditions together with the presence of channel noise to provide a substantial gap between the bit error probabilities achievable by intended and unintended receivers. We illustrate how a desired level of private communication can be achieved with a systematic selection of the system parameters. This type of privacy can be readily combined with traditional encryption methods to further ensure the protection of information against eavesdroppers. The systems we propose employ linear modulation of each user's symbol stream on a spreading sequence generated by iterating a distinct initial condition through a pseudochaotic map. We evaluate and compare the uncoded probability of error (Pr(e)) achievable by intended receivers that know the initial condition used to generate the spreading sequence to the associated Pr(e) of unintended receivers that know the modulation scheme but not the initial condition. We identify the map attributes that affect privacy, and construct algorithmic design methods for generating pseudochaotic spreading sequences that successively and substantially degrade the unintended user performance, while yielding intended user performance similar to that of conventional DS/CDMA systems. We develop efficient metrics for quantifying the unintended receiver Pr(e) and prove that it decays at a constant rate of 1/sqrt(SNR) in AWGN and fading channels. In addition, we show that this decaying rate is independent of the available degrees of diversity in fading channels, showing in the process that only intended receivers can harvest the available diversity benefits. Moreover, we illustrate that the pseudochaotic DS/CDMA systems can provide reliable multiuser communication that is inherently resilient to eavesdropping, even in the worst-case scenarios where all receivers in a network except the intended one collude to better eavesdrop on the targeted transmission. We also develop optimized digital implementation methods for generating practical pseudochaotic spreading sequences that preserve the privacy characteristics associated with the underlying chaotic spreading sequences.