skip to main content
10.1145/3266444.3266448acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
short-paper
Public Access

Acoustic Denial of Service Attacks on Hard Disk Drives

Published:15 January 2018Publication History

ABSTRACT

Bridging concepts from information security and resonance theory, we propose a novel denial of service attack against hard disk drives (HDDs). In this attack, acoustic signals are used to cause rotational vibrations in HDD platters in an attempt to create failures in read/write operations, ultimately halting the correct operation of HDDs. We perform a comprehensive examination of multiple HDDs to characterize the attack and show the feasibility of the attack in two real-world systems, namely, surveillance devices and personal computers. Our attack highlights an overlooked security vulnerability of HDDs, introducing a new threat that can potentially endanger the security of numerous systems.

References

  1. HDDs and SSDs: global shipments 2015--2021. https://www.statista.com/statistics/285474/hdds-and-ssds-in-pcs-global-shipments-2012--2017/. Accessed: 2018--2--6.Google ScholarGoogle Scholar
  2. Loud sounds can kill computer hard drives. http://www.abc.net.au/radionational/programs/greatmomentsinscience/loud-sounds-can-kill-computer-hard-drives/7938388 . Accessed: 2017--12--10.Google ScholarGoogle Scholar
  3. Resonance attack against HDD. https://www.youtube.com/watch?v=8DdqTz3CW5Y. Accessed: 2017--11--19.Google ScholarGoogle Scholar
  4. Shouting in the Datacenter. https://www.youtube.com/watch?v=tDacjrSCeq4. Accessed: 2017--12--10.Google ScholarGoogle Scholar
  5. AlShaikh, A., and Sedky, M. Post incident analysis framework for automated video forensic investigation. International Journal of Computer Applications 135, 12 (2016), 1--7.Google ScholarGoogle ScholarCross RefCross Ref
  6. Backes, M., Dürmuth, M., Gerling, S., Pinkal, M., and Sporleder, C. Acoustic side-channel attacks on printers. In USENIX Security Symp. (2010), pp. 307--322. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Biedermann, S., Katzenbeisser, S., and Szefer, J. Hard drive side-channel attacks using smartphone magnetic field sensors. In International Conference on Financial Cryptography and Data Security (2015), Springer, pp. 489--496.Google ScholarGoogle ScholarCross RefCross Ref
  8. Bolton, C., Rampazzi, S., Li, C., Kwong, A., Xu, W., and Fu, K. Blue Note: How intentional acoustic interference damages availability and integrity in hard disk drives and operating systems. In 2018 IEEE Symposium on Security and Privacy (SP) (2018), pp. 824--838.Google ScholarGoogle ScholarCross RefCross Ref
  9. Carlini, N., Mishra, P., Vaidya, T., Zhang, Y., Sherr, M., Shields, C., Wagner, D., and Zhou, W. Hidden voice commands. In USENIX Security Symposium (2016), pp. 513--530. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Chan, C. S., Pan, B., Gross, K., Vaidyanathan, K., and Rosing, T. v. Correcting vibration-induced performance degradation in enterprise servers. SIGMETRICS Perform. Eval. Rev. 41, 3 (Jan. 2014), 83--88. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Dean, R. N., Castro, S. T., Flowers, G. T., Roth, G., Ahmed, A., Hodel, A. S., Grantham, B. E., Bittle, D. A., and Brunsch, J. P. A characterization of the performance of a MEMS gyroscope in acoustically harsh environments. IEEE Transactions on Industrial Electronics 58, 7 (2011), 2591--2596.Google ScholarGoogle ScholarCross RefCross Ref
  12. Dean, R. N., Flowers, G. T., Hodel, A. S., Roth, G., Castro, S., Zhou, R., Moreira, A., Ahmed, A., Rifki, R., Grantham, B. E., et al. On the degradation of MEMS gyroscope performance in the presence of high power acoustic noise. In Industrial Electronics, 2007. ISIE 2007. IEEE International Symposium on (2007), IEEE, pp. 1435--1440.Google ScholarGoogle ScholarCross RefCross Ref
  13. Flax, L., Gaunaurd, G. C., and Uberall, H. Theory of resonance scattering. Physical acoustics 15 (1981), 191--294.Google ScholarGoogle Scholar
  14. Guri, M., Solewicz, Y., Daidakulov, A., and Elovici, Y. Acoustic data exfiltration from speakerless air-gapped computers via covert hard-drive noise (DiskFiltration). Springer International Publishing, Cham, 2017, pp. 98--115.Google ScholarGoogle ScholarCross RefCross Ref
  15. Igami, M., and Uetake, K. Mergers, innovation, and entry-exit dynamics: Consolidation of the hard disk drive industry, 1996--2015, 2016.Google ScholarGoogle Scholar
  16. Li, J., Ji, X., Jia, Y., Zhu, B., Wang, G., Li, Z., and Liu, X. Hard drive failure prediction using classification and regression trees. In Dependable Systems and Networks (DSN), 44th Annual IEEE/IFIP Int. Conference on (2014), IEEE, pp. 383--394. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Mahdisoltani, F., Stefanovici, I., and Schroeder, B. Proactive error prediction to improve storage system reliability. In 2017 USENIX Annual Technical Conference (USENIX ATC 17) (Santa Clara, CA, 2017), USENIX Association, pp. 391--402. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Manousakis, I., Sankar, S., McKnight, G., Nguyen, T. D., and Bianchini, R. Environmental conditions and disk reliability in free-cooled datacenters. In 14th USENIX Conference on File and Storage Technologies (FAST 16) (Santa Clara, CA, 2016), USENIX Association, pp. 53--65. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Matyunin, N., Szefer, J., Biedermann, S., and Katzenbeisser, S. Covert channels using mobile device's magnetic field sensors. In 2016 21st Asia and South Pacific Design Automation Conference (ASP-DAC) (Jan 2016), pp. 525--532.Google ScholarGoogle ScholarCross RefCross Ref
  20. Mosenia, A., and Jha, N. K. A comprehensive study of security of Internet-of-Things. IEEE Transactions on Emerging Topics in Computing 5, 4 (2017), 586--602.Google ScholarGoogle ScholarCross RefCross Ref
  21. Nia, A. M., Sur-Kolay, S., Raghunathan, A., and Jha, N. K. Physiological information leakage: A new frontier in health information security. IEEE Transactions on Emerging Topics in Computing 4, 3 (2016), 321--334.Google ScholarGoogle Scholar
  22. Parker, J. E. Towards an acoustic jurisprudence: Law and the long range acoustic device. Law, Culture and the Humanities 14, 2 (2018), 202--218.Google ScholarGoogle Scholar
  23. Re, M. Hackers can now steal data by listening to the sound of a computer's hard drive. https://www.forbes.com/sites/tomcoughlin/2015/06/28/progress-in-hdd-areal-density/#4f4554a61671. Accessed: 2017--12--10.Google ScholarGoogle Scholar
  24. Re, M. Tech talk on HDD areal density. https://www.seagate.com/www-content/investors/_shared/docs/tech-talk-mark-re-20150825.pdf. Accessed: 2017--12--10.Google ScholarGoogle Scholar
  25. Schroeder, B., and Gibson, G. A. Disk failures in the real world: What does an MTTF of 1,000,000 hours mean to you? In FAST (2007), vol. 7, pp. 1--16. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. Shahrad, M., and Wentzlaff, D. Availability Knob: Flexible user-defined availability in the cloud. In Proceedings of the Seventh ACM Symposium on Cloud Computing (2016), SoCC '16, ACM, pp. 42--56. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Son, Y., Shin, H., Kim, D., Park, Y., Noh, J., Choi, K., Choi, J., and Kim, Y. Rocking drones with intentional sound noise on gyroscopic sensors. In 24th USENIX Security Symposium (2015), USENIX Association, pp. 881--896. Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. Song, L., and Mittal, P. Inaudible voice commands. arXiv preprint arXiv:1708.07238 (2017).Google ScholarGoogle Scholar
  29. Trippel, T., Weisse, O., Xu, W., Honeyman, P., and Fu, K. WALNUT: Waging doubt on the integrity of MEMS accelerometers with acoustic injection attacks. In In Proceedings of the 2nd IEEE European Symposium on Security and Privacy (EuroS&P 2017).Google ScholarGoogle ScholarCross RefCross Ref
  30. Überall, H., Moser, P., Murphy, J., Nagl, A., Igiri, G., Subrahmanyam, J., Gaunard, G., Brill, D., Delsanto, P., Alemar, J., et al. Electromagnetic and acoustic resonance scattering theory. Wave Motion 5, 4 (1983), 307--329.Google ScholarGoogle ScholarCross RefCross Ref
  31. Vaidya, T. Cocaine Noodles: exploiting the gap between human and machine speech recognition. Presented at WOOT 15 (2015), 10--11. Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. Valentine, T., and Davis, J. P. Forensic facial identification: Theory and practice of identification from eyewitnesses, composites and CCTV. John Wiley & Sons, 2015.Google ScholarGoogle ScholarCross RefCross Ref
  33. Wang, W., Guo, G., and Chong, T.-C. HDD actuator resonance detection through acoustic signal analysis. IEEE transactions on magnetics 36, 5 (2000), 3585--3587.Google ScholarGoogle Scholar
  34. Wang, Y., Miao, Q., Ma, E. W., Tsui, K.-L., and Pecht, M. G. Online anomaly detection for hard disk drives based on mahalanobis distance. IEEE Transactions on Reliability 62, 1 (2013), 136--145.Google ScholarGoogle ScholarCross RefCross Ref
  35. Xu, X., and Huang, H. H. Exploring data-level error tolerance in high-performance solid-state drives. IEEE Trans. on Reliability 64, 1 (2015), 15--30.Google ScholarGoogle ScholarCross RefCross Ref
  36. Yamaguchi, T., Hirata, M., and Pang, J. C. K. High-speed precision motion control. CRC press, 2017.Google ScholarGoogle Scholar
  37. Zhang, G., Yan, C., Ji, X., Zhang, T., Zhang, T., and Xu, W. DolphinAttack: Inaudible voice commands. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (2017), CCS '17, ACM, pp. 103--117. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Acoustic Denial of Service Attacks on Hard Disk Drives

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in
      • Published in

        cover image ACM Conferences
        ASHES '18: Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security
        October 2018
        88 pages
        ISBN:9781450359962
        DOI:10.1145/3266444

        Copyright © 2018 ACM

        Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        • Published: 15 January 2018

        Permissions

        Request permissions about this article.

        Request Permissions

        Check for updates

        Qualifiers

        • short-paper

        Acceptance Rates

        Overall Acceptance Rate6of20submissions,30%

        Upcoming Conference

        CCS '24
        ACM SIGSAC Conference on Computer and Communications Security
        October 14 - 18, 2024
        Salt Lake City , UT , USA

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader