Short Demo in Open Water Scenario

In The News

Q&A

• What are underwater data centers, and why are they important?

  
  Underwater data centers (UDCs) are metal pressurized vessels that house servers beneath the sea. Several successful prototypes have been deployed and released to the market in recent years from companies such as Microsoft, Subsea Cloud, and Offshore Oil Engineering Company. Such underwater infrastructures demonstrate several key advantages due to the natural cooling properties of water, space efficiency compared to their in-land equivalent, and reliability as the underwater environment is less prone to issues like temperature fluctuations and physical degradation.
  
  With the recent spike in demand for AI computing and an overall power consumption of data centers projected to reach 35GW by 2030 just in the US, UDCs have been proposed as a sustainable solution that meets increasing data needs while also prioritizing environmental conservation.



• How does the AquaSonic attack work?

  
  We discover that propagation of sound underwater at certain frequency ranges can severely degrade the performance and capabilities of cloud servers enclosed in submerged metallic structures.

  This can be used by malicious adversaries to:

  • Slow down or completely block access to distributed databases and other data-heavy applications running on cloud servers.
  • Manipulate how resources are distributed in cloud services.
  • Cause errors in data stored in such servers and failures in fault tolerance systems such as RAID.


• Why does it matter if an adversary can block access to data centers and data applications on cloud servers?

  
  Information relating to time-sensitive, safety-critical systems for healthcare, government, and military operations is stored in data centers. Disrupting access to this critical information can have severe consequences.



• How does this attack work?

  
  Data centers store data in servers which contain storage systems such as hard disk drives (HDDs). Hard drives are made of movable mechanical components sensitive to vibrations at certain frequencies (resonance frequencies). Sound waves propagate through water and convert to mechanical energy when they travel through solids. This mechanical energy reaches the drives in the enclosure and vibrates their internal components, degrading their ability to read and write information.
  
  We also found that by controlling the intensity (volume) of the transmitted sound, malicious adversaries can control such degradation to manipulate cloud applications and resource management systems.



• Who can mount the attack?

  
  We consider budgeted attackers who want to achieve high-level control over UDC infrastructure critical operations, such as redirecting server workloads, altering resource allocation, and achieving control over response latency and performance of cloud applications, including disrupting their functioning.



• I have heard of acoustic attacks on hard disk drives before. How is this different?

  
  Previous research has demonstrated that loud sounds in the air can cause laptop operating systems to crash and also permanently damage HDDs. In this work, we show how underwater sound can impact cloud applications and resource management systems on a broader scale placing emerging UDC technology at greater risk. The attack is particularly efficient in water because sound travels 4 times faster than air and attenuates more slowly.
  
  Beyond sound properties, the isolated subsea environment of UDCs means that human operators cannot easily access the subsea infrastructure and quickly restore the affected system or substitute damaged parts.



• Does the attack matter with redundant storage systems like RAID or distributed databases?

  
  The attack matters with redundant storage systems like RAID or distributed databases because the redundancy in these systems is designed to protect data in case of disk failure, but we demonstrate that sound injection can induce failure in multiple disks simultaneously. This highlights the need for data protection systems that do not rely on the assumption that disks will fail independently.



• Are Solid-state hard drives (SSDs) affected by this attack?

  
  No, since they are not composed of moving mechanical components which can vibrate. However, current data center platforms like Alibaba Pangu, Microsoft Azure, Amazon, and Google rely on hybrid architectures composed of SSDs and HDDs for many reasons, including the need for large storage capacity, high reliability, and lower costs. Our experiments show that the attack can increase the latency significantly, with up to 300% to 400% delay in saving data.



• Why does the sound frequency matter?

  
  All solid objects have resonant frequencies, which are the frequencies at which the object naturally vibrates. The resonant frequencies of objects depend on what they are made of, their shape, and structure. Only sounds emitted at those frequencies can cause the resonance effect.



• What is the range of the AquaSonic attack?

  
  We are able to induce more than 60% reduction in performance more than 6 meters away from a submerged aluminum enclosure in our open-water experiment setup, by only using a commercial speaker. Based on our simulation model we find that an attacker can theoretically induce performance degradation over several kilometers using powerful speakers such as the one used in military ships and submarines.



• Does the AquaSonic attack require special equipment?

  
  This attack can be mounted by an adversary using an underwater speaker with an amplifier which can produce sufficiently high-volume sounds in the frequency range required to induce sufficient vibrations. We used a commercial speaker used to communicate with divers and swimmers to transmit a sound at ~5 KHz. The farther away the victim's eclosure, the more the adversary requires a high-power speaker.



• How can we protect against the AquaSonic attack?

  
  There are a variety of ways to defend against the AquaSonic attack. Some of these include designing the data center structure in a way to reduce vibration propagation, using sound-absorbing materials around the servers to attenuate sound, implementing active noise cancellation, and modifying the firmware of the HDDs to mitigate the oscillations’ effect.
  
  We propose a machine learning-based detection method to detect simultaneous changes in the storage system behavior to indicate whether an attack is occurring and promptly act.



• Has this attack been performed in the wild?

  
  No, we have not yet seen any indication that this attack has been performed in the wild.



• Is the sound used in the attack safe?

  
  We use a commercial speaker which can reach a maximum volume of 180 dB sound pressure level (SPL) to emit sounds in the audible range for brief time periods. Please be aware that experiments involving loud sounds can pose serious risks to your hearing. Prolonged exposure to high-decibel sounds can lead to temporary or even permanent hearing loss.
  During our experiment, we used appropriate hearing protection and controlled environments.




Acknowledgments




We thank the anonymous shepherd and reviewers for their valuable comments. This research was supported in part by the National Science Foundation (NSF) under CNS-2055014, the Air Force Office for Scientific Research under FA8650-19-1-1741 and FA8650-19-1-0169, gifts from Facebook and Texas Instrument, and JST CREST JPMJCR23M4. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the NSF.