research-article

Power attack defense: securing battery-backed data centers

Authors:

Minyi GuoAuthors Info & Claims

ISCA '16: Proceedings of the 43rd International Symposium on Computer Architecture

Pages 493 - 505

https://doi.org/10.1109/ISCA.2016.50

Published: 18 June 2016 Publication History

Abstract

Battery systems are crucial components for mission-critical data centers. Without secure energy backup, existing under-provisioned data centers are largely unguarded targets for cyber criminals. Particularly for today's scale-out servers, power oversubscription unavoidably taxes a data center's backup energy resources, leaving very little room for dealing with emergency. Besides, the emerging trend towards deploying distributed energy storage architecture causes the associated energy backup of each rack to shrink, making servers vulnerable to power anomalies. As a result, an attacker can generate power peaks to easily crash or disrupt a power-constrained system. This study aims at securing data centers from malicious loads that seek to drain their precious energy storage and overload server racks without prior detection. We term such load as Power Virus (PV) and demonstrate its basic two-phase attacking model and characterize its behaviors on real systems. The PV can learn the victim rack's battery characteristics by disguising as benign loads. Once gaining enough information, the PV can be mutated to generate hidden power spikes that have a high chance to overload the system. To defend against PV, we propose power attack defense (PAD), a novel energy management patch built on lightweight software and hardware mechanisms. PAD not only increases the attacking cost considerably by hiding vulnerable racks from visible spikes, it also strengthens the last line of defense against hidden spikes. Using Google cluster traces we show that PAD can effectively raise the bar of a successful power attack: compared to prior arts, it increases the data center survival time by 1.6~11X and provides better performance guarantee. It enables modern data centers to safely exploit the benefits that power oversubscription may provide, with the slightest cost overhead.

References

[1]

Google uncloaks once-secret server, 2009 http://www.cnet.com/news/google-uncloaks-once-secret-server-10209580/

[2]

P. Sarti. Battery Cabinet Hardware v1.0, Open Compute Project, 2012. http://www.opencompute.org/

[3]

Microsoft Reinvents Datacenter Power Backup with New Open Compute Project Specification, 2015. http://blogs.technet.com/b/msdatacenters/archive/2015/03/10/microsoft-reinvents-datacenter-power-backup-with-new-open-compute-project-specification.aspx

[4]

Y. Kuroda, A. Akai, T. Kato, and Y. Kudo. High-Efficiency Power Supply System for Server Machines in Data Center, International Conference on High Performance Computing and Simulation (HPCS), 2013

[5]

HP Flexible Slot Power Supplies, http://www8.hp.com/us/en/products/power-supplies/product-detail.html?oid=7268787

[6]

QuantaPlex T21SR-2U Datasheet, http://www.quantaqct.com/

[7]

V. Kontorinis, L. Zhang, B. Aksanli, J. Sampson, H. Homayoun, E. Pettis, T. Rosing and D. Tullsen, Managing Distributed UPS Energy for Effective Power Capping in Data Centers, International Symposium on Computer Architecture (ISCA), 2012

Digital Library

[8]

S. Govindan, A. Sivasubramaniam and B. Urgaonkar. Benefits and Limitations of Tapping into Stored Energy for Datacenters, Int. Symp. on Computer Architecture (ISCA), 2011

Digital Library

[9]

D. Wang, C. Ren, A. Sivasubramaniam, B. Urgaonkar, and H. Fathy. Energy Storage in Datacenters: What, Where, and How Much, SIGMETRICS Performance Evaluation Review, Vol. 40, No. 1, 2012

Digital Library

[10]

Z. Xu, H. Wang, Z. Xu, and X. Wang. Power Attack: An Increasing Threat to Data Centers, The Network and Distributed System Security Symposium (NDSS), 2015

[11]

D. Meisner, and T. Wenisch Peak Power Modeling for Data Center Servers with Switched-Mode Power Supplies, International Conference on Low Power Electronic Design (ISLPED), 2010

Digital Library

[12]

X. Fan, W. Weber, and L. Barroso, Power Provisioning for a Warehouse-Sized Computer, International Symposium on Computer Architecture (ISCA), 2007

Digital Library

[13]

S. Govindan, D. Wang, A. Sivasubramaniam, and B. Urgaonkar. Leveraging Stored Energy for Handling Power Emergencies in Aggressively Provisioned Datacenters. International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2012

Digital Library

[14]

Í. Goiri, R. Beauchea, K. Le, T. Nguyen, M. Haque, J. Guitart, J. Torres, and R. Bianchini. GreenSlot: Scheduling Energy Consumption in Green Datacenters, Supercomputing (SC), 2011

Digital Library

[15]

I. Goiri, W. Katsak, K. Le, T. Nguyen, and R. Bianchini. Parasol and GreenSwitch: Managing Datacenters Powered by Renewable Energy, International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2013

Digital Library

[16]

C. Li, A. Qouneh, and T. Li. iSwitch: Coordinating and Optimizing Renewable Energy Powered Server Clusters, International Symposium on Computer Architecture (ISCA), 2012

Digital Library

[17]

C. Li, Y. Hu, R. Zhou, M. Liu, L. Liu, J. Yuan, and T. Li. Oasis: Enabling Datacenter to Scale Out Economically and Sustainably, International Symposium on Microarchitecture (MICRO), 2013

Digital Library

[18]

Ponemon Institute. 2013 Study on Data Center Outages

[19]

Ponemon Institute. 2013 Cost of Data Center Outages

[20]

J. Williams, Data Center Security Survey. SANS Institute, 2014

[21]

Google Trace. https://code.google.com/p/googleclusterdata/

[22]

W. Turner and K. Brill, Cost Model: Dollars per kW plus Dollars per Square Foot of Computer Floor. White Paper. Uptime Institute, 2008

[23]

Understanding Electric Demand. White Paper, National Grid, 2012. https://www.nationalgridus.com/niagaramohawk/non_html/eff_elec-demand.pdf

[24]

T. Ristenpart, E. Tromer, H. Shacham, and S. Savage. Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds. The ACM Conference on Computer and Communications Security (CCS), 2009

Digital Library

[25]

12v 12Ah Lead Acid Battery, http://www.micropik.com/PDF/CP12120.pdf

[26]

A. Bhattacharya, D. Culler, A. Kansal, S. Govindan, S. Sankar. The need for speed and stability in data center power capping, Sustainable Computing: Informatics an Systems, Vol. 3, Issue 3, pp. 183--193, 2012

[27]

L. Liu, C. Li, H. Sun, Y. Hu, J. Gu, and T. Li. BAAT: Towards Dynamically Managing Battery Aging in Green Datacenters, Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2015

Digital Library

[28]

http://jedi.ks.uiuc.edu/~johns/raytracer

[29]

https://openbenchmarking.org/test/pts/stream

[30]

https://openbenchmarking.org/test/pts/apache

[31]

SPECpower_ssj2008 Results. http://www.spec.org/power_ssj2008/results/

[32]

M. Jongerden and B. Haverkort, Which Battery Model to Use?, In Special Issue on Performance Engineering, 2009

[33]

Y. Liu, P. Ning, and M. Reiter. False Data Injection Attacks against State Estimation in Electric Power Grids, ACM Conference on Computer and Communications Security (CCS), 2009.

Digital Library

[34]

S. Soltan, D. Mazauric, and G. Zussman. Cascading Failures in Power Grids - Analysis and Algorithms, ACM e-Energy, 2014

Digital Library

[35]

X. Chen, W. Yu, D. Griffith, N. Golmie, and G. Xu. On Cascading Failures and Countermeasures based on Energy Storage in the Smart Grid, IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS), 2014

Digital Library

[36]

J. Demme, R. Martin, A. Waksman, and S. Sethumadhavan. Side-channel Vulnerability Factor: A Metric for Measuring Information Leakage. International Symposium on Computer Architecture (ISCA), 2012

Digital Library

[37]

J. Chen and G. Venkataramani. CC-Hunter: Uncovering Covert Timing Channels on Shared Processor Hardware, International Symposium on Microarchitecture (MICRO), 2014

Digital Library

[38]

F. Liu and R. Lee. Random Fill Cache Architecture. International Symposium on Computer Architecture (ISCA), 2014

[39]

P. Colp, J. Zhang, J. Gleeson, S. Suneja, E. Lara, H. Raj, S. Saroiu, and A. Wolman. Protecting Data on Smartphones and Tablets from Memory Attacks. International Conf. on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2015

Digital Library

[40]

R. Callan, A. Zajic, and M. Prvulovic. A Practical Methodology for Measuring the Side-Channel Signal Available to the Attacker for Instruction-Level Events, International Symposium on Microarchitecture (MICRO), 2014

Digital Library

[41]

S. Govindan, D. Wang, L. Chen, A. Sivasubramaniam, and B. Urgaonkar. Towards Realizing a Low Cost and Highly Available Datacenter Power Infrastructure, HotPower, 2011

Digital Library

[42]

S. Sankar, D. Gauthier, S. Gurumurthi. Power Award Provisioning in Large Data Centers, ACM International Conference on Computing Frontiers (CF), 2014

Digital Library

[43]

R. Zhou, Z. Wang, C. Bash, T. Cade, and A. McReynolds. Failure Resistant Data Center Cooling Control Through Model-Based Thermal Zone Mapping, Technical Report. HP, 2012. http://www.hpl.hp.com/techreports/2012/HPL-2012-69.pdf

[44]

S. Shields. Dynamic Thermal Response of the Data Center to Cooling Loss During Facility Power Failure. Master Thesis, Georgia Institute of Technology, 2012

[45]

K. Vishwanath and N. Nagappan. Characterizing Cloud Computing Hardware Reliability. ACM Symposium on Cloud Computing (SoCC), 2010

Digital Library

[46]

S. Sankar and S. Gurumurthi. Soft Failures in Large Datacenters, IEEE Computer Architecture Letters, Vol 13, NO. 2, 2014

Digital Library

[47]

S. Sankar, M. Shaw, K. Vaid, and S. Gurumurthi. Datacenter Scale Evaluation of the Impact of Temperature on Hard Disk Drive Failures. ACM Trans. on Storage, Vol. 9, No. 2, Article 6, 2013

Digital Library

[48]

X. Wu, D. Turner, C.C. Chen, D. Maltz, X. Yang, L. Yuan, M. Zhang. NetPilot: Automating Datacenter Network Failure Mitigation, ACM SIGCOMM 2012 conference on Applications, Technologies, Architectures, and Protocols for Computer Communication (SIGCOMM). 2012

Digital Library

[49]

R.N. Mysore, A. Pamboris, N. Farrington, N. Huang, P. Miri, S. Radhakrishnan, V. Subramanya, and A. Vahdat. SIGCOMM'09

[50]

P. Gill, N. Jain, and N. Nagappan. Understanding Network Failures in Data Centers: Measurement, Analysis, and Implications. ACM SIGCOMM 2011 conference on Applications, Technologies, Architectures, and Protocols for Computer Communication (SIGCOMM). 2011

Digital Library

[51]

C. Li, R. Zhou, and T. Li. Enabling Distributed Generation Powered Sustainable High-Performance Data Center. Int. Symp. on High-Performance Computer Architecture (HPCA), 2013

Digital Library

[52]

N. Sharma, S. Barker, D. Irwin, and P. Shenoy. Blink: Managing Server Clusters on Intermittent Power. Int. Conf. on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2011

Digital Library

[53]

B. Aksanli, P. Eddie, and R. Tajana. Architecting Efficient Peak Power Shaving Using Batteries in Data Centers. IEEE International Symposium on Modelling, Analysis & Simulation of Computer and Telecommunication Systems (MASCOTS), 2013

Digital Library

[54]

S.K. Ghai, Z. Charbiwala, S. Mylavarapu, D. P. Seetharam, and R. Kunnath. PC Picogrids: A Case for Local Energy Storage for Uninterrupted Power to DC Appliances, ACM e-Energy, 2013.

Digital Library

[55]

D. Wang, C. Ren, A. Sivasubramaniam. Virtualizing Power Distribution in Datacenters, International Symposium on Computer Architecture (ISCA), 2013

Digital Library

[56]

L. Liu, C. Li, H. Sun, Y. Hu, J. Gu, T. Li, J. Xin and N. Zheng. HEB: Deploying and Managing Hybrid Energy Buffers for Improving Datacenter Efficiency and Economy, International Symposium on Computer Architecture (ISCA), 2015

Digital Library

Cited By

Sun RQiu PLyu YDong JWang HWang DQu G(2023)Lightning: Leveraging DVFS-induced Transient Fault Injection to Attack Deep Learning Accelerator of GPUsACM Transactions on Design Automation of Electronic Systems10.1145/361789329:1(1-22)Online publication date: 20-Sep-2023
https://dl.acm.org/doi/10.1145/3617893
Hou XLiu JLi CGuo M(2019)Unleashing the Scalability Potential of Power-Constrained Data Center in the Microservice EraProceedings of the 48th International Conference on Parallel Processing10.1145/3337821.3337857(1-10)Online publication date: 5-Aug-2019
https://dl.acm.org/doi/10.1145/3337821.3337857
Hou XLiang MLi CZheng WChen QGuo M(2019)When Power Oversubscription Meets Traffic Flood AttackProceedings of the 48th International Conference on Parallel Processing10.1145/3337821.3337856(1-10)Online publication date: 5-Aug-2019
https://dl.acm.org/doi/10.1145/3337821.3337856
Show More Cited By

Recommendations

Power attack defense: securing battery-backed data centers
ISCA'16

Battery systems are crucial components for mission-critical data centers. Without secure energy backup, existing under-provisioned data centers are largely unguarded targets for cyber criminals. Particularly for today's scale-out servers, power ...
Power attack: An imminent security threat in real-time system for detecting missing rail blocks in developing countries
Abstract
Exploration of potential security threats and vulnerabilities of a real-time system specifically designed for detecting missing rail blocks in the context of developing countries is yet to be explored. Therefore, in this paper, we ...
Exploiting a Thermal Side Channel for Power Attacks in Multi-Tenant Data Centers
CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

The power capacity of multi-tenant data centers is typically oversubscribed in order to increase the utilization of expensive power infrastructure. This practice can create dangerous situations and compromise data center availability if the designed ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ISCA '16: Proceedings of the 43rd International Symposium on Computer Architecture

June 2016

756 pages

ISBN:9781467389471

General Chairs:
Sang Lyul Min
Seoul National University
,
Gabriel Loh
AMD Research

ACM SIGARCH Computer Architecture News Volume 44, Issue 3
ISCA'16
June 2016
730 pages
ISSN:0163-5964
DOI:10.1145/3007787
Editor:
Doug DeGroot
acm dot org
Issue’s Table of Contents

Sponsors

SIGARCH: ACM Special Interest Group on Computer Architecture
IEEE-CS: Computer Society

Publisher

IEEE Press

Publication History

Published: 18 June 2016

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ISCA '16

Sponsor:

SIGARCH
IEEE-CS

ISCA '16: The 42nd Annual International Symposium on Computer Architecture

June 18 - 22, 2016

Seoul, Republic of Korea

Acceptance Rates

Overall Acceptance Rate 543 of 3,203 submissions, 17%

Upcoming Conference

ISCA '25

Sponsor:
sigarch

The 52nd Annual International Symposium on Computer Architecture

June 21 - 25, 2025

Tokyo , Japan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

36
Total Citations
View Citations
406
Total Downloads

Downloads (Last 12 months)39
Downloads (Last 6 weeks)5

Reflects downloads up to 19 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Sun RQiu PLyu YDong JWang HWang DQu G(2023)Lightning: Leveraging DVFS-induced Transient Fault Injection to Attack Deep Learning Accelerator of GPUsACM Transactions on Design Automation of Electronic Systems10.1145/361789329:1(1-22)Online publication date: 20-Sep-2023
https://dl.acm.org/doi/10.1145/3617893
Hou XLiu JLi CGuo M(2019)Unleashing the Scalability Potential of Power-Constrained Data Center in the Microservice EraProceedings of the 48th International Conference on Parallel Processing10.1145/3337821.3337857(1-10)Online publication date: 5-Aug-2019
https://dl.acm.org/doi/10.1145/3337821.3337857
Hou XLiang MLi CZheng WChen QGuo M(2019)When Power Oversubscription Meets Traffic Flood AttackProceedings of the 48th International Conference on Parallel Processing10.1145/3337821.3337856(1-10)Online publication date: 5-Aug-2019
https://dl.acm.org/doi/10.1145/3337821.3337856
Chung KKalbarczyk ZIyer RLiu XTabuada PPajic MBushnell L(2019)Availability attacks on computing systems through alteration of environmental controlProceedings of the 10th ACM/IEEE International Conference on Cyber-Physical Systems10.1145/3302509.3311041(1-12)Online publication date: 16-Apr-2019
https://dl.acm.org/doi/10.1145/3302509.3311041
Islam MYang LRanganath KRen S(2018)Why Some Like It LoudACM SIGMETRICS Performance Evaluation Review10.1145/3292040.321964546:1(70-72)Online publication date: 12-Jun-2018
https://dl.acm.org/doi/10.1145/3292040.3219645
Islam MRen SLie DMannan MBackes MWang X(2018)Ohm's Law in Data CentersProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security10.1145/3243734.3243744(146-162)Online publication date: 15-Oct-2018
https://dl.acm.org/doi/10.1145/3243734.3243744
Islam MYang LRanganath KRen SPsounis KAkella AWierman A(2018)Why Some Like It LoudAbstracts of the 2018 ACM International Conference on Measurement and Modeling of Computer Systems10.1145/3219617.3219645(70-72)Online publication date: 12-Jun-2018
https://dl.acm.org/doi/10.1145/3219617.3219645
Islam MYang LRanganath KRen S(2018)Why Some Like It LoudProceedings of the ACM on Measurement and Analysis of Computing Systems10.1145/31794092:1(1-33)Online publication date: 3-Apr-2018
https://dl.acm.org/doi/10.1145/3179409
Islam MRen SWierman A(2017)A First Look at Power Attacks in Multi-Tenant Data CentersACM SIGMETRICS Performance Evaluation Review10.1145/3152042.315207045:2(91-93)Online publication date: 11-Oct-2017
https://dl.acm.org/doi/10.1145/3152042.3152070
Mottola LHameed AVoigt T(2024)Energy Attacks in the Battery-less Internet of ThingsProceedings of the 17th European Workshop on Systems Security10.1145/3642974.3652283(29-36)Online publication date: 22-Apr-2024
https://dl.acm.org/doi/10.1145/3642974.3652283
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents