CaltechAUTHORS
  A Caltech Library Service

Exploiting a Thermal Side Channel for Power Attacks in Multi-Tenant Data Centers

Islam, Mohammad A. and Ren, Shaolei and Wierman, Adam (2017) Exploiting a Thermal Side Channel for Power Attacks in Multi-Tenant Data Centers. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security - CCS '17. Association for Computing Machinery (ACM) , New York, NY, pp. 1079-1094. ISBN 978-1-4503-4946-8. http://resolver.caltech.edu/CaltechAUTHORS:20180409-162518902

Full text is not posted in this repository. Consult Related URLs below.

Use this Persistent URL to link to this item: http://resolver.caltech.edu/CaltechAUTHORS:20180409-162518902

Abstract

The power capacity of multi-tenant data centers is typically oversubscribed in order to increase the utilization of expensive power infrastructure. This practice can create dangerous situations and compromise data center availability if the designed power capacity is exceeded. This paper demonstrates that current safeguards are vulnerable to well-timed power attacks launched by malicious tenants (i.e., attackers). Further, we demonstrate that there is a physical side channel --- a thermal side channel due to hot air recirculation --- that contains information about the benign tenants' runtime power usage and can enable a malicious tenant to time power attacks effectively. In particular, we design a state-augmented Kalman filter to extract this information from the side channel and guide an attacker to use its maximum power at moments that coincide with the benign tenants' high power demand, thus overloading the shared power capacity. Our experimental results show that an attacker can capture 54% of all attack opportunities, significantly compromising the data center availability. Finally, we discuss a set of possible defense strategies to safeguard the data center infrastructure against power attacks.


Item Type:Book Section
Related URLs:
URLURL TypeDescription
https://doi.org/10.1145/3133956.3133994DOIArticle
https://dl.acm.org/citation.cfm?doid=3133956.3133994PublisherArticle
Additional Information:© 2017 ACM. This work was supported in part by the U.S. NSF under grants CNS-1551661, CNS-1565474, ECCS-1610471, AitF-1637598, CNS-1518941, and CNS-1319820.
Funders:
Funding AgencyGrant Number
NSFCNS-1551661
NSFCNS-1565474
NSFECCS-1610471
NSFCCF-1637598
NSFCNS-1518941
NSFCNS-1319820
Subject Keywords:Data center; power attack; thermal side channel
Record Number:CaltechAUTHORS:20180409-162518902
Persistent URL:http://resolver.caltech.edu/CaltechAUTHORS:20180409-162518902
Usage Policy:No commercial reproduction, distribution, display or performance rights in this work are provided.
ID Code:85702
Collection:CaltechAUTHORS
Deposited By: George Porter
Deposited On:10 Apr 2018 14:55
Last Modified:10 Apr 2018 14:55

Repository Staff Only: item control page