• DocumentCode
    1259751
  • Title

    On Energy Security of Server Systems

  • Author

    Wu, Zhenyu ; Xie, Mengjun ; Wang, Haining

  • Author_Institution
    NEC Labs. America, Inc., Princeton, NJ, USA
  • Volume
    9
  • Issue
    6
  • fYear
    2012
  • Firstpage
    865
  • Lastpage
    876
  • Abstract
    Power management has become increasingly important for server systems. Numerous techniques have been proposed and developed to optimize server power consumption and achieve energy proportional computing. However, the security perspective of server power management has not yet been studied. In this paper, we investigate energy attacks, a new type of malicious exploits on server systems. Targeted solely at abusing server power consumption, energy attacks exhibit very different attacking behaviors and cause very different victim symptoms from conventional cyberspace attacks. First, we unveil that today´s server systems with improved power saving technologies are more vulnerable to energy attacks. Then, we demonstrate a realistic energy attack on a stand-alone server system in three steps: 1) by profiling energy cost of an open web service under different operation conditions, we identify the vulnerabilities that subject a server to energy attacks; 2) exploiting the discovered attack vectors, we design an energy attack that can be launched anonymously from remote; and 3) we execute the attack and measure the extent of its damage in a systematic manner. Finally, we highlight the challenges in defending against energy attacks, and we propose an effective defense scheme to meet the challenges and evaluate its effectiveness.
  • Keywords
    Web services; power consumption; power engineering computing; queueing theory; cyberspace attacks; energy proportional computing; energy security; open Web service; power consumption; power management; server systems; stand-alone server system; Energy management; Internet; Network security; Power demand; Power measurement; Servers; Energy attack; energy-aware programming; server security;
  • fLanguage
    English
  • Journal_Title
    Dependable and Secure Computing, IEEE Transactions on
  • Publisher
    ieee
  • ISSN
    1545-5971
  • Type

    jour

  • DOI
    10.1109/TDSC.2012.70
  • Filename
    6261325