Energy consumption as a security indicator

Energy consumption as a security indicator - how we at aixit combine security and sustainability

Cyber attacks have long been part of everyday life in the IT world. Computing-intensive malware such as ransomware, cryptominers and others are becoming increasingly sophisticated in order to remain undetected. The increasing requirements for sustainability and energy efficiency in data centers offer an approach to unmasking them. At aixit, we are therefore working on a promising approach to greater security as part of our own research project. At its core, our idea combines the topics of IT security and energy analysis.

 

The basic principle follows a promising logic: the energy consumption behavior of an IT system contains a lot of information about its use, including what is happening in the background. Deviations from the expected consumption pattern of an application can provide indications of suspicious activities - for example, malware that executes computationally intensive processes in the background. Instead of relying on signature-based detection as usual, we take a different approach: we measure energy consumption directly at hardware level and combine this data with intelligent analysis methods. Our aim is to be able to detect unknown or polymorphic attacks in the future that are no longer reliably detected by traditional methods.

The approach offers various added values: On the one hand, security in the data center would be increased by an additional observer and warning device - which does not require access to the execution environment or application - with clear detection potential for forms of attack that were previously not identified or often identified too late. Secondly, the detailed consumption analysis allows optimization potential to be leveraged during operation. This not only helps with cost control, but also supports our sustainability goals in the use of IT resources.

Of course, such an approach also entails challenges. The biggest one is the complexity of modern IT infrastructures. In virtualized environments, many systems share the same physical hardware. This makes it difficult to precisely allocate energy consumption to a single application or virtual machine. In addition, workloads today are dynamic: Systems ramp up, scale automatically or relocate processes on the fly. The “normality” is constantly changing - which makes it much more difficult to detect anomalies. Another challenge lies in scalability. While such an approach can be tested well in laboratory environments, in reality it must function efficiently and automatically with hundreds or thousands of systems.

With its approach, our project could close a gap in the future that has received little attention to date: the combination of energy measurement and IT security at hardware level. While traditional security systems are increasingly reaching their limits, this approach opens up new possibilities for a specific behavioral class of malware - and at the same time contributes to ecological responsibility in IT operations.

At aixit, we are driving this research forward not just out of technical curiosity, but out of conviction: Those who operate data centers bear responsibility - for availability, protection and sustainability in equal measure. For us, energy consumption as a security indicator is an exciting building block in a holistic strategy for secure and sustainable IT infrastructures.

If you would like to know more about this topic, please send an e-mail to forschung@aixit.com or use our contact form.

 

back