TY - GEN
T1 - Understanding the security of discrete GPUs
AU - Zhu, Zhiting
AU - Kim, Sangman
AU - Rozhanski, Yuri
AU - Hu, Yige
AU - Witchel, Emmett
AU - Silberstein, Mark
N1 - Publisher Copyright: © 2017 Copyright held by the owner/author(s).
PY - 2017/2/4
Y1 - 2017/2/4
N2 - GPUs have become an integral part of modern systems, but their implications for system security are not yet clear. This paper demonstrates both that discrete GPUs cannot be used as secure co-processors and that GPUs provide a stealthy platform for malware. First, we examine a recent proposal to use discrete GPUs as secure co-processors and show that the security guarantees of the proposed system do not hold on the GPUs we investigate. Second, we demonstrate that (under certain circumstances) it is possible to bypass IOMMU protections and create stealthy, long-lived GPU-based malware. We demonstrate a novel attack that compromises the in-kernel GPU driver and one that compromises GPU microcode to gain full access to CPU physical memory. In general, we find that the highly sophisticated, but poorly documented GPU hardware architecture, hidden behind obscure close-source device drivers and vendor-specific APIs, not only make GPUs a poor choice for applications requiring strong security, but also make GPUs into a security threat.
AB - GPUs have become an integral part of modern systems, but their implications for system security are not yet clear. This paper demonstrates both that discrete GPUs cannot be used as secure co-processors and that GPUs provide a stealthy platform for malware. First, we examine a recent proposal to use discrete GPUs as secure co-processors and show that the security guarantees of the proposed system do not hold on the GPUs we investigate. Second, we demonstrate that (under certain circumstances) it is possible to bypass IOMMU protections and create stealthy, long-lived GPU-based malware. We demonstrate a novel attack that compromises the in-kernel GPU driver and one that compromises GPU microcode to gain full access to CPU physical memory. In general, we find that the highly sophisticated, but poorly documented GPU hardware architecture, hidden behind obscure close-source device drivers and vendor-specific APIs, not only make GPUs a poor choice for applications requiring strong security, but also make GPUs into a security threat.
UR - http://www.scopus.com/inward/record.url?scp=85016026753&partnerID=8YFLogxK
U2 - 10.1145/3038228.3038233
DO - 10.1145/3038228.3038233
M3 - منشور من مؤتمر
T3 - Proceedings of the General Purpose GPUs, GPGPU-10 2017
SP - 1
EP - 11
BT - Proceedings of the General Purpose GPUs, GPGPU-10 2017
T2 - 10th Workshop on General Purpose GPUs, GPGPU 2017
Y2 - 4 February 2017 through 8 February 2017
ER -