On the effectiveness of using graphics interrupt as a side channel for user behavior snooping

On the effectiveness of using graphics interrupt as a side channel for user behavior snooping

Graphics Processing Units (GPUs) are now a key component of many devices and systems, including those in the cloud and data centers, thus are also subject to side-channel attacks. Existing side-channel attacks on GPUs typically leak information from graphics libraries like OpenGL and CUDA, which req...

全面介紹

Saved in:
書目詳細資料
Main Authors: MA, Haoyu, TIAN, Jianwen, GAO, Debin, JIA, Chunfu
格式: text
語言:English
出版: Institutional Knowledge at Singapore Management University 2022
主題:
Side-channel attacks
GPU
graphics interrupts
machine learning
Graphics and Human Computer Interfaces
在線閱讀:https://ink.library.smu.edu.sg/sis_research/6749
https://ink.library.smu.edu.sg/context/sis_research/article/7752/viewcontent/tdsc_2021_2.pdf
標簽: 添加標簽
沒有標簽, 成為第一個標記此記錄!
機構: Singapore Management University
語言: English
實物特徵
總結:Graphics Processing Units (GPUs) are now a key component of many devices and systems, including those in the cloud and data centers, thus are also subject to side-channel attacks. Existing side-channel attacks on GPUs typically leak information from graphics libraries like OpenGL and CUDA, which require creating contentions within the GPU resource space and are being mitigated with software patches. This paper evaluates potential side channels exposed at a lower-level interface between GPUs and CPUs, namely the graphics interrupts. These signals could indicate unique signatures of GPU workload, allowing a spy process to infer the behavior of other processes. We demonstrate the practicality and generality of such side-channel exploitation with a variety of assumed attack scenarios. Simulations on both Nvidia and Intel graphics adapters showed that our attack could achieve high accuracy, while in-depth studies were also presented to explore the low-level rationale behind such effectiveness. On top of that, we further propose a practical mitigation scheme which protects GPU workloads against the graphics-interrupt-based side-channel attack by piggybacking mask payloads on them to generate interfering graphics interrupt “noises”. Experiments show that our mitigation technique effectively prohibited spy processes from inferring user behaviors via analyzing runtime patterns of graphics interrupt with only trivial overhead.

相似書籍