Securing Multi-Tenant Data Centers Against Power Attacks

Date and time: 
Monday, March 6, 2017 - 15:30
Location: 
220 Deschutes
Author(s):
Shaolei Ren
University of California, Riverside
Host/Committee: 
  • Lei Jiao

Abstract

The explosion of cloud computing and Internet of Things applications has generated a huge demand for multi-tenant data centers everywhere, extending the Internet edge beyond the traditional hub locations. As one would expect, providing secure and reliable power to tenants’ servers is extremely important for any data center operators. Nonetheless, this has become increasingly more difficult and challenging, as evidenced by the recent surge in data center power outages. Even worse, in contrast with the immensity of literature on cyber security, the study of power security in multi-tenant data centers is almost non-existent, highlighting long-standing disconnects between the prior research and the actual needs of data center operators.

In this talk, we present our recent research on securing multi-tenant data centers against power attacks. We first show that despite various safeguards in place, the current way that power infrastructure is managed in multi-tenant data centers is highly vulnerable to malicious power loads injected by attackers. Next, we demonstrate the existence of a prominent side channel --- thermal side channel --- that carries data center-level power usage information, resulting from the physical co-location of tenants’ servers in a shared data center facility. The thermal side channel can be exploited by an attacker to launch well-timed power attacks and lead to data center outages. Finally, we highlight a few defense strategies that data center operators can leverage to secure the power infrastructure against power attacks.

Biography

Shaolei Ren is an Assistant Professor of Electrical and Computer Engineering at the University of California, Riverside. He received his B.E. from Tsinghua University in 2006, M.Phil. from Hong Kong University of Science and Technology in 2008, and Ph.D. from the University of California, Los Angeles in 2012, all in electrical and computer engineering. His research interests include cloud computing, data centers, cyber security, and network economics.

He was a recipient of the U.S. NSF Faculty Early Career Development (CAREER) Award in 2015.

Tags: