why some like it loud
play

Why Some Like It Loud: Timing Power Attacks in Multi-tenant Data - PowerPoint PPT Presentation

Dec 10, 2022 •130 likes •445 views

Why Some Like It Loud: Timing Power Attacks in Multi-tenant Data Centers Using an Acoustic Side Channel Mohammad A. Islam, Luting Yang, Kiran Ranganath, and Shaolei Ren Acknowledgement: This work was supported in part by NSF under grants

  1. Why Some Like It Loud: Timing Power Attacks in Multi-tenant Data Centers Using an Acoustic Side Channel Mohammad A. Islam, Luting Yang, Kiran Ranganath, and Shaolei Ren Acknowledgement: This work was supported in part by NSF under grants CNS-1551661 and ECCS-1610471.

  2. This talk is NOT about multi-tenant clouds; it’s about multi -tenant data centers! 2

  3. This talk is NOT about multi-tenant clouds; it’s about multi -tenant data centers! P D vs U UPS P D U Tenant = virtual machines Tenant = physical servers 2

  4. Multi- tenant data centers are everywhere… Apple houses 25% of its servers in multi- tenant data centers… 3

  5. Multi- tenant data centers are everywhere… Google, Amazon, MS, Fb… :7.8% Multi-tenant: Enterprise: 37% 53% Percentage of electricity usage by data center type (source: NRDC 2015) 3

  6. An overview of multi-tenant data center P D Utility U UPS ATS P D Generator U Managed by operator 4

  7. An overview of multi-tenant data center P D Utility U UPS ATS P D Generator U Managed by operator Managed by tenants 4

  8. An overview of multi-tenant data center P D Utility U UPS ATS Securing the cyberspace P D • DDoS attack, network intrusion, privacy Generator U protection, etc. [Mirkovic, Sigcomm’04][Zhang CCS’12][Moon CCS’15][Dong CCS’17]… Managed by operator Managed by tenants 4

  9. P D U UPS ATS P D U Generator 5

  10. How to attack the physical infrastructure? P D U UPS ATS P D U Generator 5

  11. How to attack the physical infrastructure? P D U UPS ATS P D U Generator Power Overload using Human intrusion server power Hacking control systems 5

  12. How to attack the physical infrastructure? P D U Our focus UPS ATS P D U Generator Power Overload using Human intrusion server power Hacking control systems 5

  13. P D U UPS ATS P D U Generator 6

  14. P D U UPS ATS P D U Generator 6

  15. Power attack: Well-timed power injection to overload the shared P data center capacity, subject to all applicable usage D U constraints set by the operator UPS ATS P Malicious D Tenant U Generator Malicious load 6

  16. Cost analysis More likely to have an outage during overloads (e.g., risk increases by ~280 times for a Tier-IV data center ) Million $/MW/year 25 20 15.6 15 8.7 10 3.5 5 0 Tier-II Tier-III Tier-IV Estimated cost based on 5% overloads and a data center of 1MW-10,00sqft 7

  17. Cost analysis More likely to have an outage during overloads (e.g., risk increases by ~280 times for a Tier-IV data center ) Million $/MW/year 25 Annual cost > $2 billion 20 15.6 (if only 10% of the U.S. data centers 15 are affected) 8.7 10 3.5 5 0 Tier-II Tier-III Tier-IV Estimated cost based on 5% overloads and a data center of 1MW-10,00sqft 7

  18. How to precisely time power attacks? 8

  19. How to precisely time power attacks? • Random attacks are unlikely to be successful, while constant full power is prohibited 8

  20. How to precisely time power attacks? • Random attacks are unlikely to be successful, while constant full power is prohibited • Coarse timing (e.g., based on “peak” hours) is ineffective 8

  21. Server power  Heat  Cold Airflow  Fan Speed  Noise Dell PowerEdge servers 9

  22. Server power  Heat  Cold Airflow  Fan Speed  Noise Dell PowerEdge servers 9

  23. Server power  Heat  Cold Airflow  Fan Speed  Noise Dell PowerEdge servers 9

  24. There are challenges…! 10

  25. Suppressing the loud AC noise Serves in a data center Serves noise 11

  26. Suppressing the loud AC noise Serves in a data center Serves noise A high-pass filter reveals the server noise pattern 11

  27. Unknown 𝑭 (𝑵×𝑳) 𝒀 (𝑶×𝑳) 𝑩 (𝑵×𝑶) 𝒁 (𝑵×𝑳) Interest Observation 12

  28. Unknown 𝑭 (𝑵×𝑳) 𝒀 (𝑶×𝑳) 𝑩 (𝑵×𝑶) 𝒁 (𝑵×𝑳) Interest Observation Solution: Blind source separation using non-negative matrix factorization (NMF) 12

  29. Experimental evaluation • Experimental settings • Run real workload traces in a university data center • True positive: % of attack opportunities detected • Precision: % of an attack being successful 13

  30. Experimental evaluation • Experimental settings • Run real workload traces in a university data center • True positive: % of attack opportunities detected • Precision: % of an attack being successful 13

  31. Physical co-residence and space sharing result in physical side channels Can be exploited to compromise data center physical security! Thanks! 14

Recommend

C loud A pp P rofiler: T elco C loud A pplications T racing and M onitoring CTPD Project By:

C loud A pp P rofiler: T elco C loud A pplications T racing and M onitoring CTPD Project By:

C loud A pp P rofiler: T elco C loud A pplications T racing and M onitoring CTPD Project By: Sarra KHAZRI / / /Pr Mohamed CHERIET / Montreal, December 11, 2013 Outline Outline Outline Outline 2 Issue Objectives Review of

476 views • 22 slides
What is noise? Loud sounds if they are over 85 dB can be damaging. How do I know if I am

What is noise? Loud sounds if they are over 85 dB can be damaging. How do I know if I am

Protect Your Hearing! What is noise? Loud sounds if they are over 85 dB can be damaging. How do I know if I am listening to levels above 85dB? It is invisible, tasteless, odorless, and IGNORED as a form of pollution. Did you know?

444 views • 19 slides
Loud Voices in the China Field Loud Voices in the China Field A recent debate in Eurasian

Loud Voices in the China Field Loud Voices in the China Field A recent debate in Eurasian

Loud Voices in the China Field Loud Voices in the China Field A recent debate in Eurasian economic history Debate Debate Eurasian economic history has been dominated in the past several years by a sustained debate over the developmental

446 views • 44 slides
4/6/2020 Revelation 19 - 20 19 After this I heard what seemed to be the loud voice of a great

4/6/2020 Revelation 19 - 20 19 After this I heard what seemed to be the loud voice of a great

4/6/2020 Revelation 19 - 20 19 After this I heard what seemed to be the loud voice of a great multitude in heaven, saying, Hallelujah! Salvation and glory and power to our God, 2 for his judgments are true and just; he has judged the

233 views • 11 slides
3 3 years years Rev. 16:1, Then I heard a loud voice from the temple saying to

3 3 years years Rev. 16:1, Then I heard a loud voice from the temple saying to

The Seven Thunders Rev. 10:4 Sealed up and unwritten 3 3 years years Rev. 16:1, Then I heard a loud voice from the temple saying to the seven angels, Go and pour out the bowls of the wrath of God on the earth.

538 views • 12 slides
Architecting for the Clo loud @axelfontaine About Axel Fontaine Founder and CEO of Boxfuse

Architecting for the Clo loud @axelfontaine About Axel Fontaine Founder and CEO of Boxfuse

Architecting for the Clo loud @axelfontaine About Axel Fontaine Founder and CEO of Boxfuse Over 15 years industry experience Continuous Delivery expert Regular speaker at tech conferences JavaOne RockStar in 2014

1.17k views • 72 slides
I N C LOUD C OMPUTING Christina Delimitrou Stanford University Defense May 26 th

I N C LOUD C OMPUTING Christina Delimitrou Stanford University Defense May 26 th

I MPROVING R ESOURCE E FFICIENCY I N C LOUD C OMPUTING Christina Delimitrou Stanford University Defense May 26 th 2015 Resource efficiency is a first-order system constraint How efficiently do we utilize resources?

986 views • 81 slides
Championing participation & standards An increasingly loud voice... CBI First Steps : A new

Championing participation & standards An increasingly loud voice... CBI First Steps : A new

Championing participation & standards An increasingly loud voice... CBI First Steps : A new approach for schools (2013) Social Mobility and Child Poverty Commission (2014) DEMOS : Character Nation (2015) Education Endowment Foundation

365 views • 8 slides
Artificial In Intelligence& Clo loud technology in the library ry transformation

Artificial In Intelligence& Clo loud technology in the library ry transformation

Artificial In Intelligence& Clo loud technology in the library ry transformation Vice President Huawei Cloud Thailand Office AI I

1.23k views • 83 slides
Revelation 12:10 And I heard a loud voice in heaven, saying, Now the salvation and the power

Revelation 12:10 And I heard a loud voice in heaven, saying, Now the salvation and the power

Revelation 12:10 And I heard a loud voice in heaven, saying, Now the salvation and the power and the kingdom of our God and the authority of his Christ have come, for the accuser of our brothers has been thrown down, who accuses them day

453 views • 24 slides
Rev 18:2, And he cried mightily with a loud voice, saying, Babylon the great is fallen, is

Rev 18:2, And he cried mightily with a loud voice, saying, Babylon the great is fallen, is

Rev 18:2, And he cried mightily with a loud voice, saying, Babylon the great is fallen, is fallen, and has become a dwelling place of demons, a prison for every foul spirit, and a cage for every unclean and hated bird! The

971 views • 69 slides
O PTIMUS C LOUD : Heterogeneous Configuration Optimization for Distributed Databases in the Cloud

O PTIMUS C LOUD : Heterogeneous Configuration Optimization for Distributed Databases in the Cloud

O PTIMUS C LOUD : Heterogeneous Configuration Optimization for Distributed Databases in the Cloud Ashraf Mahgoub 1 , Alexander Medoff 1 , Rakesh Kumar 2 , Subrata Mitra 3 , Ana Klimovic 4 , Somali Chaterji 1 , Saurabh Bagchi 1 1: Purdue

634 views • 19 slides
GPU-B ASED D EEP L EARNING IN C LOUD AND E MBEDDED S YSTEMS F REDERICK S OO , CTO April 4, 2016

GPU-B ASED D EEP L EARNING IN C LOUD AND E MBEDDED S YSTEMS F REDERICK S OO , CTO April 4, 2016

GPU-B ASED D EEP L EARNING IN C LOUD AND E MBEDDED S YSTEMS F REDERICK S OO , CTO April 4, 2016 Confidential and Proprietary Nauto is launching a connected camera for professional drivers Drive more than most consumers Exposed to

320 views • 17 slides
Detection of radio quasi-periodic oscillations in the -ray-loud X-ray binary LS I +61 303

Detection of radio quasi-periodic oscillations in the -ray-loud X-ray binary LS I +61 303

Detection of radio quasi-periodic oscillations in the -ray-loud X-ray binary LS I +61 303 Fr ed eric Jaron Max-Planck-Institute for Radio Astronomy Institute of Geodesy and Geoinformation, University of Bonn Effelsberg Science

206 views • 20 slides
S TATISTICAL M ODELING OF S POT I NSTANCE P RICES IN P UBLIC C LOUD E NVIRONMENTS Bahman Javadi ,

S TATISTICAL M ODELING OF S POT I NSTANCE P RICES IN P UBLIC C LOUD E NVIRONMENTS Bahman Javadi ,

S TATISTICAL M ODELING OF S POT I NSTANCE P RICES IN P UBLIC C LOUD E NVIRONMENTS Bahman Javadi , Ruppa K. Thulasiram , and Rajkumar Buyya Cloud Computing and Distributed Systems (CLOUDS) Laboratory Department of Computer Science and Software

611 views • 23 slides
Approaches for Resilience Against Cascading Fail ilures in in Clo loud Datacenters Haoyu Wang,

Approaches for Resilience Against Cascading Fail ilures in in Clo loud Datacenters Haoyu Wang,

Approaches for Resilience Against Cascading Fail ilures in in Clo loud Datacenters Haoyu Wang, Haiying Shen and Zhuozhao Li Univ iversit ity of of Vir irginia 2018 IEE IEEE IC ICDCS, Vien ienna, Austr tria ia Pre resen ented ed by

526 views • 23 slides
Making physical venues easily accessible for everyone LOUD STEPS is an assistive technology for

Making physical venues easily accessible for everyone LOUD STEPS is an assistive technology for

Making physical venues easily accessible for everyone LOUD STEPS is an assistive technology for visually impaired and hard hearing people living in urban spaces. It provides a free mobile application for iPhone and Android. This is how we see

543 views • 19 slides
A Clo loud Gaming Framework for Dynamic Graphical Rendering Towards Achie ieving Dis istri

A Clo loud Gaming Framework for Dynamic Graphical Rendering Towards Achie ieving Dis istri

A Clo loud Gaming Framework for Dynamic Graphical Rendering Towards Achie ieving Dis istri ributed Game Engines James Bulman, Peter Garraghan Evolving Distributed Systems Lab Lancaster University, UK Video Games Worlds largest

456 views • 13 slides
Baid idu Clo loud In Industry ry Quali lity In Inspection Solu lution Baidu Inc. Lei Nie

Baid idu Clo loud In Industry ry Quali lity In Inspection Solu lution Baidu Inc. Lei Nie

Baid idu Clo loud In Industry ry Quali lity In Inspection Solu lution Baidu Inc. Lei Nie 2019.3.18 Highest Labor Cost in Complex Cosmetic Defect Inspections Previo vious us machine hine visio sion n automat mation ion soluti

693 views • 14 slides
E NERGY -E FFICIENT D ATA R EPLICATION IN C LOUD C OMPUTING D ATACENTERS Presented by David Ocejo

E NERGY -E FFICIENT D ATA R EPLICATION IN C LOUD C OMPUTING D ATACENTERS Presented by David Ocejo

E NERGY -E FFICIENT D ATA R EPLICATION IN C LOUD C OMPUTING D ATACENTERS Presented by David Ocejo O VERVIEW Problem Saving Energy (Solution) Efficiency Data Center Topology Simulation Conditions

631 views • 26 slides
The e European opean Op Open en Scien cience ce Clo loud ud as an enabler abler for r da

The e European opean Op Open en Scien cience ce Clo loud ud as an enabler abler for r da

The e European opean Op Open en Scien cience ce Clo loud ud as an enabler abler for r da data ta dr driven iven science cience Un Unit ited ed Natio ions/I ns/Ita taly ly Worksh kshop op on the Open n Univ iverse rse

520 views • 20 slides
Waiter, theres a compiler in my shellcode! Not so loud, or everybody will want one! Josh

Waiter, theres a compiler in my shellcode! Not so loud, or everybody will want one! Josh

Waiter, theres a compiler in my shellcode! Not so loud, or everybody will want one! Josh Stone NolaCon, 2019 Waiter by Adrien Coquet from the Noun Project Introduction: Josh Stone 30 years programmer 19 years infosec 15 years married

742 views • 49 slides
Lattice QCD Spectroscopy for Hadronic CP Violation Andr Walker-Loud Fundamental Symmetries and

Lattice QCD Spectroscopy for Hadronic CP Violation Andr Walker-Loud Fundamental Symmetries and

Lattice QCD Spectroscopy for Hadronic CP Violation Andr Walker-Loud Fundamental Symmetries and Low-Energy Nuclear Physics The Universe is matter dominated at roughly 1 ppb: X p + n = 6 . 19(15) 10 10 X APS/Alan Stonebraker

517 views • 34 slides
CIRI COLLABORATIVE INDIGENOUS RESEARCH 'Time for Talking up Loud INITIATIVE Aboriginal &

CIRI COLLABORATIVE INDIGENOUS RESEARCH 'Time for Talking up Loud INITIATIVE Aboriginal &

CIRI COLLABORATIVE INDIGENOUS RESEARCH 'Time for Talking up Loud INITIATIVE Aboriginal & Torres Strait Islander voices shaping Australian research 26 th October 2015 / Seminar 6 Acknowledgement of Country and People I wish to

852 views • 21 slides

More recommend