Abstract
The common practice of power infrastructure oversubscription in data centers exposes dangerous vulnerabilities to well-timed power attacks (i.e., maliciously timed power loads to overload the infrastructure capacity), possibly creating outages and resulting in multimillion-dollar losses. In this paper, we focus on the emerging threat of power attacks in a multi-tenant data center, where a malicious tenant (i.e., attacker) aims at compromising the data center availability through power attacks. We discover a novel acoustic side channel resulting from servers' cooling fan noise, which can help the attacker time power attacks at the moments when benign tenants' power usage is high. Concretely, we exploit the acoustic side channel by: (1) employing a high-pass filter to filter out the air conditioner's noise; (2) applying non-negative matrix factorization with sparsity constraint to demix the received aggregate noise and detect periods of high power usage by benign tenants; and (3) designing a state machine to guide power attacks. We run experiments in a practical data center environment as well as simulation studies, and demonstrate that the acoustic side channel can assist the attacker with detecting more than 50% of all attack opportunities, representing state-of-the-art timing accuracy.
Why Some Like It Loud: Timing Power Attacks in Multi-tenant Data Centers Using an Acoustic Side Channel
SIGMETRICS '18