BMCLeech: Introducing Stealthy Memory Forensics to BMC

Latzo, Tobias; Brost, Julian; Freiling, Felix C.

doi:10.1016/j.fsidi.2020.300919

Cited by 5 publications

(1 citation statement)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Today "Open Compute Project" [26] compliant bare-metal servers and "OpenPower Servers" [27] are being shipped with BMC hardware that can run OpenBMC firmware. BM-CLeech [28] is a method for capturing a snapshot of baremetal server's host complex memory from the BMC complex (running OpenBMC) in a stealthy manner for forensic investigation. The proposed NASCENT is designed to run on OpenBMC and also on proprietary BMC hardware using an OpenBMC proxy.…”

Section: Related Workmentioning

confidence: 99%

NASCENT: A Non-Invasive Solution for Detecting Utilization of Servers in Bare-Metal Cloud

et al. 2022

View full text Add to dashboard Cite

Physical servers are available as-a-service in bare-metal public and private cloud platforms, and their demand has been proliferating because of the high levels of privacy and security guarantees they provide to the tenants. This raises the need for efficient management of bare-metal clouds to keep operational costs low such as by reducing energy consumption. For efficiently managing the cloud infrastructure, baremetal cloud operators need to monitor the utilization of servers. However, the privacy and security concerns prohibit the installation of third-party monitoring agents on the servers; thus, finding the server-utilization becomes a challenge. In this work, we present NASCENT, a scalable machine-learning (ML) based noninvasive solution for finding the utilization of servers without compromising the privacy and security of bare-metal cloud tenants. Our key idea is to infer utilization from various sensor readings accessible via a server's baseboard management controller (BMC) hardware. We evaluate the proposed solution with three regression based supervised ML algorithms in a Bare-metal-as-a-service (BMaaS) cloud. Our experimental evaluation shows that one of the ML algorithms employed in NASCENT infers the utilization with a rootmean-square error (RMSE) between 2.9 to 8.7 for different workloads. Also, the proposed solution uses minimal memory resources (19 KB) and can even run on BMC hardware which has very limited memory. We also propose a BMaaS cloud architecture that seamlessly integrates automated training and deployment of the ML algorithm in our solution into the life-cycle of bare-metal servers. NASCENT's codebase can be found at https://github.com/iithcandle/dhi-ojas

show abstract

Section: Related Workmentioning

confidence: 99%