Affiliation:
1. Shanghai Jiao Tong University, Shanghai, China
Abstract
Battery systems are crucial components for mission-critical data centers. Without secure energy backup, existing under-provisioned data centers are largely unguarded targets for cyber criminals. Particularly for today's scale-out servers, power oversubscription unavoidably taxes a data center's backup energy resources, leaving very little room for dealing with emergency. Besides, the emerging trend towards deploying distributed energy storage architecture causes the associated energy backup of each rack to shrink, making servers vulnerable to power anomalies. As a result, an attacker can generate power peaks to easily crash or disrupt a power-constrained system. This study aims at securing data centers from malicious loads that seek to drain their precious energy storage and overload server racks without prior detection. We term such load as Power Virus (PV) and demonstrate its basic two-phase attacking model and characterize its behaviors on real systems. The PV can learn the victim rack's battery characteristics by disguising as benign loads. Once gaining enough information, the PV can be mutated to generate hidden power spikes that have a high chance to overload the system. To defend against PV, we propose power attack defense (PAD), a novel energy management patch built on lightweight software and hardware mechanisms. PAD not only increases the attacking cost considerably by hiding vulnerable racks from visible spikes, it also strengthens the last line of defense against hidden spikes. Using Google cluster traces we show that PAD can effectively raise the bar of a successful power attack: compared to prior arts, it increases the data center survival time by 1.6~11X and provides better performance guarantee. It enables modern data centers to safely exploit the benefits that power oversubscription may provide, with the slightest cost overhead.
Publisher
Association for Computing Machinery (ACM)
Reference55 articles.
1. Google uncloaks once-secret server 2009 http://www.cnet.com/news/google-uncloaks-once-secret-server-10209580/ Google uncloaks once-secret server 2009 http://www.cnet.com/news/google-uncloaks-once-secret-server-10209580/
2. Microsoft Reinvents Datacenter Power Backup with New Open Compute Project Specification 2015. http://blogs.technet.com/b/msdatacenters/archive/2015/03/10/microsoft-reinvents-datacenter-power-backup-with-new-open-compute-project-specification.aspx Microsoft Reinvents Datacenter Power Backup with New Open Compute Project Specification 2015. http://blogs.technet.com/b/msdatacenters/archive/2015/03/10/microsoft-reinvents-datacenter-power-backup-with-new-open-compute-project-specification.aspx
3. High-efficiency power supply system for server machines in data center
4. HP Flexible Slot Power Supplies http://www8.hp.com/us/en/products/power-supplies/product-detail.html?oid=7268787 HP Flexible Slot Power Supplies http://www8.hp.com/us/en/products/power-supplies/product-detail.html?oid=7268787
Cited by
10 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Energy Attacks in the Battery-less Internet of Things;Proceedings of the 17th European Workshop on Systems Security;2024-04-22
2. Enabling Low-Cost Server-Level Power Monitoring in Data Centers Using Conducted EMI;Proceedings of the 21st ACM Conference on Embedded Networked Sensor Systems;2023-11-12
3. Energy-Latency Attacks to On-Device Neural Networks via Sponge Poisoning;Proceedings of the 2023 Secure and Trustworthy Deep Learning Systems Workshop;2023-07-10
4. Market Mechanism-Based User-in-the-Loop Scalable Power Oversubscription for HPC Systems;2023 IEEE International Symposium on High-Performance Computer Architecture (HPCA);2023-02
5. PowerMorph: QoS-Aware Server Power Reshaping for Data Center Regulation Service;ACM Transactions on Architecture and Code Optimization;2022-08-22