计算机科学

计算机科学 ›› 2022, Vol. 49 ›› Issue (12): 374-380.doi: 10.11896/jsjkx.211000065

• 信息安全 • 上一篇    

基于PCPEC的数据中心功耗攻击防御策略

欧东阳1, 张开强1, 陈圣蕾1, 蒋从锋1, 闫龙川2   

  1. 1 杭州电子科技大学计算机学院 杭州310018
    2 国家电网有限公司信息通信分公司 北京100761
  • 收稿日期:2021-10-11 修回日期:2022-05-15 发布日期:2022-12-14
  • 通讯作者: 蒋从锋(cjiang@hdu.edu.cn)
  • 作者简介:(oudongyang@hdu.edu.cn)
  • 基金资助:
    国家自然科学基金面上项目“数据中心电力攻击检测技术研究”(61972118)

Data Center Power Attack Defense Strategy Based on PCPEC

OU Dong-yang1, ZHANG Kai-qiang1, CHEN Sheng-lei1, JIANG Cong-feng1, YAN Long-chuan2   

  1. 1 School of Computer Science and Technology,Hangzhou Dianzi University,Hangzhou 310018,China
    2 Information and Communication Branch of State Grid Corporation of China,Beijing 100761,China
  • Received:2021-10-11 Revised:2022-05-15 Published:2022-12-14
  • About author:OU Dong-yang,born in 1980,Ph.D candidate.His main research interests include edge computing and cloud computing.JIANG Cong-feng,born in 1980,Ph.D,professor,is a member of China Computer Federation.His main research interests include edge computing,system optimization,performance evaluation and distributed system benchmarking.
  • Supported by:
    National Natural Science Foundation of China(61972118).

PDF (PC)

339

摘要: 当前数据中心广泛应用多租户、容器化、虚拟化等技术进行服务器聚合与资源复用,并通过服务器资源与电力资源的超售(Oversubscription)进一步提高资源利用率。但是,资源与电力超售使得数据中心服务器在尖峰负载(Workload Bursts)时面临功耗过载的威胁。因此,功耗攻击(Power Attack,即电力攻击)通过运行恶意程序来增加服务器设备的功耗,使之达到或超过配电系统功耗极限值,引起服务器故障或断路器跳闸,甚至导致整个数据中心供电系统中断。为了降低数据中心遭受功耗攻击的风险,文中提出了基于性能等价资源配置的功耗封顶方法PCPEC,该方法利用虚拟机在不同配置下功耗的差异性进行虚拟机配置等效替换,以实现功耗管控。实验结果表明,PCPEC方法可以使服务器的动态功耗降低22.2%~29.6%,且大部分虚拟机在进行资源配置替换后性能均呈上升趋势,最大提升了2.12%,从而有效减小了功耗攻击对数据中心带来的影响。

关键词: 虚拟机, 数据中心, 功耗攻击, 功耗封顶, 等效替换

Abstract: Currently,due to the wide application of multi-tenancy,containerization,virtualization and power over-subscription in data centers,the possibility of power attack is becoming increasingly higher.The main means of power attack is to run malicious codes to increase the power consumption of servers,storage device and network equipment to exceed the power limit of a distribution system.And it causes server failure or circuit breaker trip,or even the interruption of the power supply system of the data centers.In order to reduce the risk of power attack on data center,this paper proposes a power capping method of performance equivalence configuration(PCPEC).This method takes advantage of the difference of power consumption in different configurations of virtual machines to implement the equivalent replacement of virtual machine configuration.Experiment result shows that PCPEC can reduce the dynamic power consumption of the server by 22.2%~29.6%,and the performance of most virtual machines increases by 2.12% after the replacement of resource configuration,thus effectively reducing the impact of power attack on the data center.

Key words: Virtual machine, Data center, Power attack, Power capping, Equivalent replacement

中图分类号: 

  • TP391
[1]ISLAM M A,YANG L,RANGANATH K,et al.Why some like it loud:timing power attacks in multi-tenant data centers using an acoustic side channel [J].ACM on Measurement and Analysis of Computing Systems,2018,2(1):1-33.
[2]LI C,WANG Z,HOU X,et al.Power attack defense:securing battery-backed data centers [J].ACM Computer Architecture News,2016,44(3):493-505.
[3]GAO X,XU Z,WANG H,et al.Reduced cooling redundancy:a new security vulnerability in a hot data center [C]//Network and Distributed System Security Symposium(NDSS).2018.
[4]Summary of the Amazon S3 service disruption in the northern Virginia region [EB/OL].[2020-03-07].https://aws.amazon.com/cn/message/41926/.
[5]DENG W,LIU F M,JIN H,et al.New energy application in cloud computing data center:research status and trend [J].Chinese Journal of Computers,2013,36(3):582-598.
[6]LI X,JIANG X H,WU Z H,et al.Research on heat management method of green data center [J].Chinese Journal of Computers,2015,38(10):1976-1996.
[7]SONG J,SUN Z Z,LIU H,et al.Research progress on energy consumption optimization of hybrid power supply data center [J].Chinese Journal of Computers,2018,41(12):2670-2688.
[8]WANG Z G,YI H,ZHANG W H.Data center energy consumption optimization method based on machine learning characteristics [J].Journal of Software,2014,25(7):1432-1447.
[9]ZHAO X G,HU Q P,DING L,et al.Data center energy-saving scheduling algorithm based on model predictive control [J].Journal of Software,2017,28(2):429-442.
[10]LI D H,ZHAO J C,CUI H M,et al.Design of DVFS impact model on program performance in data center [J].Journal of Software,2017,28(4):845-859.
[11]LEFURGY C,WANG X,WARE M.Power capping:A prelude to power shifting [J].Cluster Computing,2008,11(2):182-194.
[12]RAGHAVENDRA R,RANGANATHAN P,TALWAR V,et al.No “power” struggles:Coordinated multi-level power management for the data center [C]//Proceedings of the 13th International Conference on Architectural Support for Programming Languages and Operating Systems.Seattle:ASPLOS,2008:48-59.
[13]RANGANATHAN P,LEECH P,IRWIN D,et al.Ensemble-level power management for dense blade servers [J].ACM SIGARCH Computer Architecture News,2006,34(2):66-77.
[14]WANG X,CHEN M.Cluster-level feedback power control for performance optimization [C]//2008 IEEE 14th International Symposium on High Performance Computer Architecture.Salt Lake City:IEEE,2008:101-110.
[15]WANG X,CHEN M,LEFURGY C,et al.SHIP:Scalable hie-rarchical power control for large-scale data centers [C]//2009 18th International Conference on Parallel Architectures and Compilation Techniques.Raleigh:IEEE,2009:91-100.
[16]RANGANATHAN P,LEECH P,IRWIN D,et al.Ensemble-level power management for dense blade servers [J].ACM SIGARCH Computer Architecture News,2006,34(2):66-77.
[17]FAN X,WEBER W D,BARROSO L A.Power provisioning for a warehouse-sized computer [J].ACM SIGARCH Computer Architecture News,2007,35(2):12-22.
[18]ARROBA P,MOYA J M,AYALA J L,et al.Dynamic Voltage and Frequency Scaling-aware dynamic consolidation of virtual machines for energy efficient cloud data centers [J].Concurrency and Computation:Practice and Experience,2017,29(10):e4067.
[19]KUEHN P J,MASHALY M.DVFS-power management andperformance engineering of data center server clusters [C]//2019 15th Annual Conference on Wireless On-demand Network Systems and Services(WONS).Wengen:IEEE,2019:91-98.
[20]LIM H,KANSAL A,LIU J.Power budgeting for virtualized data centers [C]//2011 USENIX Annual Technical Conference(USENIX ATC’11).2011:59-63.
[21]GUITART J.Toward sustainable data centers:A comprehensive energy management strategy [J].Computing,2017,99(6):597-614.
[22]VAPNIK V.The nature of statistical learning theory[M].Springer Science & Business Media,2012:201-205.
[23]CHANG C C,LIN C J.LIBSVM:A library for support vector machines [J].ACM Transactions on Intelligent Systems and Technology(TIST),2011,2(3):1-27.
[1] 潘志勇, 程宝雷, 樊建席, 卞庆荣.
数据中心网络BCDC上的顶点独立生成树构造算法
Algorithm to Construct Node-independent Spanning Trees in Data Center Network BCDC
计算机科学, 2022, 49(7): 287-296. https://doi.org/10.11896/jsjkx.210500170
[2] 蒋成满, 华保健, 樊淇梁, 朱洪军, 徐波, 潘志中.
Python虚拟机本地代码的安全性实证研究
Empirical Security Study of Native Code in Python Virtual Machines
计算机科学, 2022, 49(6A): 474-479. https://doi.org/10.11896/jsjkx.210600200
[3] 易怡, 樊建席, 王岩, 刘钊, 董辉.
BCube在2-限制连通度下的容错路由算法
Fault-tolerant Routing Algorithm in BCube Under 2-restricted Connectivity
计算机科学, 2021, 48(6): 253-260. https://doi.org/10.11896/jsjkx.200900203
[4] 张登科, 王兴伟, 何强, 曾荣飞, 易波.
可重构数据中心网络研究综述
State-of-the-art Survey on Reconfigurable Data Center Networks
计算机科学, 2021, 48(3): 246-258. https://doi.org/10.11896/jsjkx.201100038
[5] 蒋建峰, 尤澜涛.
基于MPLS-TE的数据中心网络QoS优化
QoS Optimization of Data Center Network Based on MPLS-TE
计算机科学, 2021, 48(11A): 485-489. https://doi.org/10.11896/jsjkx.210900190
[6] 李双刚, 张爽, 王兴伟.
基于自适应虚拟机迁移的云资源调度机制
Cloud Resource Scheduling Mechanism Based on Adaptive Virtual Machine Migration
计算机科学, 2020, 47(9): 238-245. https://doi.org/10.11896/jsjkx.190900189
[7] 庄奕, 杨家海.
限时点到多点跨数据中心传输的多源树调度算法
Multi-source Tree-based Scheduling Algorithm for Deadline-aware P2MP Inter-datacenter Transfers
计算机科学, 2020, 47(7): 213-219. https://doi.org/10.11896/jsjkx.200300069
[8] 张彬彬, 王娟, 岳昆, 武浩, 郝佳.
基于随机森林的虚拟机性能预测与配置优化
Performance Prediction and Configuration Optimization of Virtual Machines Based on Random Forest
计算机科学, 2019, 46(9): 85-92. https://doi.org/10.11896/j.issn.1002-137X.2019.09.011
[9] 卢海峰, 顾春华, 罗飞, 丁炜超, 袁野, 任强.
强化学习下能耗优化的虚拟机放置策略
Virtual Machine Placement Strategy with Energy Consumption Optimization under Reinforcement Learning
计算机科学, 2019, 46(9): 291-297. https://doi.org/10.11896/j.issn.1002-137X.2019.09.044
[10] 李晓光, 邵超.
基于网格数据中心的密度峰值聚类算法
Density Peak Clustering Algorithm Based on Grid Data Center
计算机科学, 2019, 46(6A): 457-460.
[11] 金勇, 刘亦星, 王欣欣.
基于SDN的数据中心网络多路径流量调度算法
SDN-based Multipath Traffic Scheduling Algorithm for Data Center Network
计算机科学, 2019, 46(6): 90-94. https://doi.org/10.11896/j.issn.1002-137X.2019.06.012
[12] 陈昊,罗蕾,李允,陈丽蓉.
安全虚拟机监视器的形式化验证研究
Study on Formal Verification of Secure Virtual Machine Monitor
计算机科学, 2019, 46(3): 170-179. https://doi.org/10.11896/j.issn.1002-137X.2019.03.026
[13] 汪晨欣, 杨家海, 庄奕, 罗念龙.
未来网络试验设施的节点资源调度算法
Node Resource Scheduling for Future Network Experimentation Facility
计算机科学, 2019, 46(12): 95-100. https://doi.org/10.11896/jsjkx.190400106
[14] 范吉立, 李晓华, 聂铁铮, 于戈.
区块链系统中智能合约技术综述
Survey on Smart Contract Based on Blockchain System
计算机科学, 2019, 46(11): 1-10. https://doi.org/10.11896/jsjkx.190300013
[15] 车建华,任守纲,余勇,徐焕良.
基于状态转移图的虚拟集群节点可用性分析
Availability Analyzing of Virtual Cluster Nodes Based on State Transition Diagram
计算机科学, 2018, 45(5): 317-321. https://doi.org/10.11896/j.issn.1002-137X.2018.05.055
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发