ECE Seminar Series
Title: Securing Warehouse-Scale Computers
Speaker: Mohammad Islam
Affiliation: Department of Electrical and Computer Engineering, University of California Riverside
Day: Monday, January 29, 2018
Time: 11:00 am - 12:00 pm
Location: LSC Room 312
Abstract: The sheer scale of the Internet and cloud computing mandates massive computer systems housed in mission-critical data centers, a.k.a. warehouse-scale computers. Due to the criticality of hosted services, data centers are emerging as a prime target for malicious attacks. While securing data centers in the cyber space has been widely studied, a complementary and equally important security aspect --- data center physical infrastructure security --- has remained largely unchecked and emerged to threaten the data center uptime.
In my research, I make contribution to data center security by enhancing the physical infrastructure security, with a particular focus on mitigating the emerging threat of "power attacks" in multi-tenant data centers. Taking up nearly 40% of all data center energy usage, multi-tenant data centers are shared facilities housing computer systems owned by multiple tenants/organizations, and hence are highly vulnerable to well-timed power load injection attacks (i.e., power attacks) that can create dangerous capacity overloads, resulting in million-dollar losses. In this talk, I will show that a malicious tenant, or an attacker, can exploit the unique physical co-residency of multiple tenants in a multi-tenant data center. Specifically, I will present two physical side channels --- thermal side channel due to servers' heat recirculation and acoustic side channel due to servers' cooling fan noise --- through which an attacker can extract runtime power usage of benign tenants and time its attacks. I will also highlight a set of defense strategies that the data center operator can employ to safeguard the data center from power attacks.
Bio: Mohammad Atiqul Islam is a Ph.D. candidate in the Department of Electrical and Computer Engineering at the University of California Riverside. He received his B.Sc. in Electrical and Electronics Engineering from Bangladesh University of Engineering and Technology in January 2008. His research interests are in the areas of cyber-physical systems, computer architecture, and security. He is mainly focusing on the secure and efficient operation of multi-tenant data centers. He has 20 plus publications in reputed peer-reviewed computer science conferences and journals, including IEEE Intl. Symp. on High Performance Computer Architecture (HPCA), ACM Conference on Computer and Communications Security (CCS), ACM International Conference on Measurement and Modeling of Computer Systems (SIGMETRICS), IEEE Transactions on Cloud Computing (TCC), and IEEE Transactions on Services Computing (TSC).