http://dx.doi.org/10.13089/JKIISC.2019.29.4.821

Study on Highly Reliable Drone System to Mitigate Denial of Service Attack in Terms of Scheduling  

Kwak, Ji-Won (Graduate School, Korea University)
Kang, Soo-Young (Center for Information Security Technologies(CIST), Korea University)
Kim, Seung-Joo (Center for Information Security Technologies(CIST), Korea University)
Abstract
As cyber security threats increase, there is a growing demand for highly reliable systems. Common Criteria, an international standard for evaluating information security products, requires formal specification and verification of a system to ensure a high level of security, and more and more such cases are being observed. In this paper, we propose a highly reliable drone system that ensures a high level of security and trust. Based on the results, we use formal methods, especially Z/EVES, to improve the system model in terms of scheduling in the system kernel.
Keywords
High-Assurance; formal specification; verification; denial of service; drone system