
The Journal of Supercomputing, Volume 71, Issue 5, pp 1620–1641

Energy-oriented denial of service attacks: an emerging menace for large cloud infrastructures

  • Francesco Palmieri
  • Sergio Ricciardi
  • Ugo Fiore
  • Massimo Ficco
  • Aniello Castiglione
Article

Abstract

This work analyzes a new and very subtle kind of security threat that can affect large-scale cloud-based IT service infrastructures by exploiting the computational resources of their component data centers to waste as much energy as possible. The consequences of these threats range from increased costs in the energy bill, to penalization for exceeding the agreed quantity of greenhouse gas (GHG) emissions, up to complete denial of service caused by electrical outages due to power budget exhaustion. We analyzed different types of such attacks and their potential impact on energy consumption, modeled their behavior, and quantified how current energy-proportional technologies may provide attackers with great opportunities for raising the target facility's emissions and costs. These efforts resulted in a simple model with some parametric reference values that can be used to estimate the impact of such attacks, even in the presence of very large infrastructures containing thousands or millions of servers.

Keywords

Cloud infrastructures; Data center security; Power consumption; Denial of service; Energy-oriented attacks


Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  • Francesco Palmieri (1)
  • Sergio Ricciardi (2)
  • Ugo Fiore (3)
  • Massimo Ficco (1)
  • Aniello Castiglione (4)

  1. Department of Industrial and Information Engineering, Second University of Naples, Aversa, Italy
  2. Departament d’Arquitectura de Computadors, Universitat Politècnica de Catalunya, BarcelonaTech (UPC), Barcelona, Spain
  3. Centro Servizi Informativi, Federico II University of Naples, Naples, Italy
  4. Department of Computer Science, University of Salerno, Fisciano, Italy
