[PAST EVENT] Xing Gao, Computer Science - Oral Exam
Data centers have been growing rapidly in recent years to meet the surging demand of cloud services. However, the expanding scale of a data center also brings new security threats. In this proposal, we present our study on two new DoS (denial-of-service) attacks on data centers: thermal attack and synergistic power attack.
A trend in modern data centers is to maintain all servers in a relatively hot environment, in order to save on cooling costs. However, the hot environment increases the risk of cooling failure. In this proposal, we introduce the new concept of thermal attack on a data center, which can severely worsen the thermal conditions in the data center. To unveil the vulnerability, we conduct thermal measurements and present effective thermal attack vectors at the server, rack, and data center levels. We further propose effective defenses against such a attack.
Bare metal container cloud services have become more attractive. However, due to the incomplete implementations of the container isolation features in the Linux kernel, there still exist some security concerns for hosting containers on bare metal cloud infrastructures. In this proposal, we systematically study the cross- container leakage channels and their resulted information leakage. By exploiting these seemingly innocuous information leakages, we propose synergistic power attack, in which adversaries can facilitate their attacking orchestration and maximize their attacking effects. We further discuss the root causes of such information leakages and develop a power-based namespace in the Linux kernel as effective defense.
VM (virtual machine) live migration has been widely deployed in existing cloud services for load balancing, fault tolerance, and system maintenance. In the future work, we plan to explore the potential security problems in VM live migration. We will introduce a new DoS attack to break the migration and leave the migrated VM in an inconsistent state. We will then develop defense mechanisms for protection on VM migration.
Xing Gao is a Ph.D. candidate of Computer Science at William & Mary and currently a visiting Ph.D. student in Department of Electrical and Computer Engineering at University of Delaware, advised by Dr. Haining Wang. His research interests lie in cloud computing, system security, and mobile security. In summer 2016, Xing was a summer research intern at IBM T.J. Watson Research Center. Before joining William & Mary, he received his B.S degree from Beijing Institute of Technology.