Energy-oriented denial of service attacks: an emerging menace for large cloud infrastructures

This work analyzes a new and very subtle kind of security threat that can affect large-scale cloud-based IT service infrastructures, by exploiting the computational resources of their component data center to waste as much energy as possible. The consequence of these threats ranges from increased costs in the energy bill, to penalization for exceeding the agreed quantity of greenhouse gases (GHG) emissions, up to complete denial of service caused by electrical outages due to power budget exhaustion. We analyzed different types of such attacks with their potential impacts on the energy consumption, modeled their behavior and quantified how current energy-proportional technologies may provide attackers with great opportunities for raising the target facility emissions and costs. These efforts resulted in a simple model with some parametric reference values that can be used to estimate the impact of such attacks also in presence of very large infrastructures containing thousands or millions of servers.

[1]  Andrew W. Moore,et al.  Characterizing 10 Gbps network interface energy consumption , 2010, IEEE Local Computer Network Conference.

[2]  Dan S. Wallach,et al.  Denial of Service via Algorithmic Complexity Attacks , 2003, USENIX Security Symposium.

[3]  Randy H. Katz,et al.  Above the Clouds: A Berkeley View of Cloud Computing , 2009 .

[4]  Nils Gruschka,et al.  SOA and Web Services: New Technologies, New Standards - New Attacks , 2007, ECOWS 2007.

[5]  Bruce Nordman,et al.  Data Center Power Requirements: Measurements From Silicon Valley , 2003 .

[6]  Michael Kistler,et al.  The case for power management in web servers , 2002 .

[7]  Francesco Palmieri,et al.  On the detection of card-sharing traffic through wavelet analysis and Support Vector Machines , 2013, Appl. Soft Comput..

[8]  Thomas F. Wenisch,et al.  PowerNap: eliminating server idle power , 2009, ASPLOS.

[9]  Raouf Boutaba,et al.  Cloud computing: state-of-the-art and research challenges , 2010, Journal of Internet Services and Applications.

[10]  Christian Belady,et al.  GREEN GRID DATA CENTER POWER EFFICIENCY METRICS: PUE AND DCIE , 2008 .

[11]  Mircea R. Stan,et al.  Modeling Power Consumption of NAND Flash Memories Using FlashPower , 2013, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[12]  Senthil Mani,et al.  Preventing Service Oriented Denial of Service (PreSODoS): A Proposed Approach , 2006, 2006 IEEE International Conference on Web Services (ICWS'06).

[13]  Hannes Payer,et al.  Tempo: Disk drive power consumption characterization and modeling , 2009, 2009 IEEE 13th International Symposium on Consumer Electronics.

[14]  Didier Colle,et al.  Overall ICT Footprint and Green Communication Technologies (Invited Paper) , 2010 .

[15]  Didier Colle,et al.  Overall ICT footprint and green communication technologies , 2010, 2010 4th International Symposium on Communications, Control and Signal Processing (ISCCSP).

[16]  Alfredo De Santis,et al.  Network anomaly detection with the restricted Boltzmann machine , 2013, Neurocomputing.

[17]  Wolf-Dietrich Weber,et al.  Power provisioning for a warehouse-sized computer , 2007, ISCA '07.

[18]  Sunggu Lee,et al.  Power Modeling of Solid State Disk for Dynamic Power Management Policy Design in Embedded Systems , 2009, SEUS.

[19]  Chen Zhi,et al.  Saving Energy in Data Center Networks with Traffic-Aware Virtual Machine Placement , 2013 .

[20]  Philippe Bonnet,et al.  uFLIP: Understanding the Energy Consumption of Flash Devices , 2010, IEEE Data Eng. Bull..

[21]  Sujata Banerjee,et al.  ElasticTree: Saving Energy in Data Center Networks , 2010, NSDI.

[22]  Paul Watson,et al.  Experiments Towards Adaptation of Concurrent Workflows , 2007, ECOWS 2007.

[23]  Emmanuel Agu,et al.  Experimental Evaluation of Energy-Based Denial-of Service Attacks in Wireless Networks , 2007 .

[24]  Nils Gruschka,et al.  A survey of attacks on web services , 2009, Computer Science - Research and Development.

[25]  Elisa Bertino,et al.  Denial-of-Service Attacks to UMTS , 2015, Computer.

[26]  Luiz André Barroso,et al.  The Case for Energy-Proportional Computing , 2007, Computer.

[27]  Adam Stubblefield,et al.  Using Client Puzzles to Protect TLS , 2001, USENIX Security Symposium.

[28]  José Alberto Hernández,et al.  Performance evaluation of energy efficient ethernet , 2009, IEEE Communications Letters.

[29]  Francesco Palmieri,et al.  A distributed approach to network anomaly detection based on independent component analysis , 2014, Concurr. Comput. Pract. Exp..

[30]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[31]  P Kogge,et al.  The tops in flops , 2011, IEEE Spectrum.

[32]  Johannes G. Janzen Calculating Memory System Power for DDR SDRAM , 2001 .

[33]  George Forman,et al.  Cool Job Allocation: Measuring the Power Savings of Placing Jobs at Cooling-Efficient Locations in the Data Center , 2007, USENIX Annual Technical Conference.

[34]  Francesco Palmieri,et al.  Evaluating Network-Based DoS Attacks under the Energy Consumption Perspective: New Security Issues in the Coming Green ICT Area , 2011, 2011 International Conference on Broadband and Wireless Computing, Communication and Applications.

[35]  Liviu Iftode,et al.  Security versus energy tradeoffs in host-based mobile malware detection , 2011, MobiSys '11.

[36]  Massimiliano Rak,et al.  Intrusion Tolerant Approach for Denial of Service Attacks to Web Services , 2011, 2011 First International Conference on Data Compression, Communications and Processing.

[37]  Francesco Palmieri,et al.  Analyzing Local Strategies for Energy-Efficient Networking , 2011, Networking Workshops.

[38]  Pedro Reviriego,et al.  IEEE 802.3az: the road to energy efficient ethernet , 2010, IEEE Communications Magazine.