Researchers uncover side-channel attacks that target the GPU
The attacks begin with a malicious app that spies on the infected system and steals passwords through GPU rendering
A team of researchers has shown how a series of attacks on a GPU can enable hackers to inflitrate a device, stealing passwords and spying on web activity.
GPUs are the devices that improve the performance of computers' graphical workloads; they are powerful and programmable computational devices.
The advanced capabilities of GPUs were originally used for 3D game rendering, but researchers have started to harness their capabilities more broadly to speed up computational workloads in areas such as scientific research, financial modelling, artificial intelligence and oil and gas exploration. GPUs are also being integrated into data centres and clouds to accelerate data-intensive workloads.
In this new study, a team of computer scientists at the University of California Riverside reverse-engineered an Nvidia GPU to demonstrate how three attacks on GPU's graphics and computational stacks can enable hackers to steal vital data from the a computer, endangering user privacy.
The researchers revealed that the attacks are enabled after the victim downloads an app with a malicious program created to observe the victim's computer.
With the first attack, hackers can track the user's activity on the web. When the user opens the malicious app, it creates a spy to collect information about the behaviour of the web browser. To create the spy, the malicious app uses OpenGL, which is accessible by any application on a system with user-level privileges. The spy then enables hackers to achieve website fingerprinting with high levels of accuracy.
The second attack enables hackers to steal user passwords. When a character is typed on the system, the malicious app uploads the complete password textbox to the GPU as a texture to be rendered. Then, hackers can 'read' the password by observing the interval time of consecutive memory allocation events and inter-keystroke timing.
With the third attack, hackers can target a computational application in the cloud. This is achieved by launching a malicious computational workload on the GPU. This workload operates along with the user's application and enables hackers to obtain the structure of victim's secret neural network.
The research paper was presented at the ACM SIGSAC Conference on Computer and Communications Security last month in Toronto, Canada. According to researchers, the findings were also reported to Nvidia, the AMD and Intel security teams.
What can artificial intelligence and machine learning do for you and your organisation?
If you don't know yet, or want to make sure that you're not missing out, Computing's first AI & Machine Learning Live event is for you. To find out more, check out the Computing AI & Machine Learning Live website. Attendance is FREE to qualifying IT leaders and senior IT pros, but places are going fast