This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
On Energy Security of Server Systems
Nov.-Dec. 2012 (vol. 9 no. 6)
pp. 865-876
Zhenyu Wu, College of William and Mary, Williamsburg
Mengjun Xie, University of Arkansas at Little Rock, Little Rock
Haining Wang, College of William and Mary, Williamsburg
Power management has become increasingly important for server systems. Numerous techniques have been proposed and developed to optimize server power consumption and achieve energy proportional computing. However, the security perspective of server power management has not yet been studied. In this paper, we investigate energy attacks, a new type of malicious exploits on server systems. Targeted solely at abusing server power consumption, energy attacks exhibit very different attacking behaviors and cause very different victim symptoms from conventional cyberspace attacks. First, we unveil that today's server systems with improved power saving technologies are more vulnerable to energy attacks. Then, we demonstrate a realistic energy attack on a stand-alone server system in three steps: 1) by profiling energy cost of an open web service under different operation conditions, we identify the vulnerabilities that subject a server to energy attacks; 2) exploiting the discovered attack vectors, we design an energy attack that can be launched anonymously from remote; and 3) we execute the attack and measure the extent of its damage in a systematic manner. Finally, we highlight the challenges in defending against energy attacks, and we propose an effective defense scheme to meet the challenges and evaluate its effectiveness.
Index Terms:
Servers,Power demand,Network security,Energy management,Internet,Power measurement,energy-aware programming,Energy attack,server security
Citation:
Zhenyu Wu, Mengjun Xie, Haining Wang, "On Energy Security of Server Systems," IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 6, pp. 865-876, Nov.-Dec. 2012, doi:10.1109/TDSC.2012.70
Usage of this product signifies your acceptance of the Terms of Use.