Research Areas

My research falls broadly in the general areas of computer system security and architecture.

Research Agenda

Today’s computer systems are continuously evolving to keep up with the demands of modern society. Technological progress is stretching the boundaries of what is possible, creating unprecedented operational challenges. To that end, our work focuses on enhancing computer systems with secure and efficient designs. We conduct rigorous evaluations of computer system vulnerabilities and employ hardware-software codesign techniques to mitigate them.

Recent Works

Data Center Security

Our recent works focus on data center security. The sheer scale of the Internet and cloud computing mandates massive computer systems housed in mission-critical data centers. Due to the criticality of the hosted services, data centers are emerging as a prime target for malicious attacks. While securing data centers in cyberspace has been widely studied, a complementary and equally important security aspect, data center physical infrastructure security, has remained largely unchecked and has emerged as a threat to data center uptime.

In our research, we contribute to data center security by enhancing physical infrastructure security, with a particular focus on mitigating the emerging threat of “power attacks” in multi-tenant “colocation” data centers. Taking up nearly 40% of all data center energy usage, multi-tenant data centers are shared facilities that house the physical servers of multiple tenants, who pay for using the facility's non-IT infrastructure (e.g., cooling). We identify serious vulnerabilities lurking in multi-tenant data center infrastructures that expose them to well-timed power load injection attacks (i.e., power attacks). Power attacks can create dangerous capacity overloads resulting in million-dollar losses. We show that a malicious tenant, or an attacker, can extract the runtime power usage of benign tenants by exploiting physical side channels that arise from the unique physical co-residency of multiple tenants in the shared data center. Specifically, we study the vulnerability and defense strategies against a thermal side channel due to server heat recirculation, an acoustic side channel due to server fan noise, and a voltage side channel due to Ohm's Law.

Selected Relevant Publications

Efficient Operation Through Coordination

Data center operators aspire to efficient operation for reasons such as improved infrastructure utilization, lower electricity bills, and reduced carbon emissions. However, in a multi-tenant colocation data center, the servers are owned and operated by individual tenants. This prevents the data center operator from employing many existing centralized techniques for efficient operation. For example, it has been commonly proposed in the literature to slow down CPUs, put servers in low-power modes, or even temporarily shut them down to reduce power consumption. These techniques use workload information to decide which servers to slow down or turn off with minimum performance impact (e.g., a server/cluster with a low workload is a suitable candidate for power reduction). They cannot be applied to multi-tenant data centers because, first, the operator does not have any information on tenants’ workloads, and second, it does not control the tenants’ servers. We propose market-based frameworks that establish coordination and communication between the operator and tenants toward their mutual benefit.

Selected Relevant Publications