Dark Side of the Shader: Mobile GPU-Aided Malware Delivery

Danisevskis, Janis; Piekarska, Marta; Seifert, Jean-Pierre

doi:10.1007/978-3-319-12160-4_29

Cited by 9 publications

(6 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several examples of GPU-assisted malware have been analyzed so far (Vasiliadis et al, Oct 2010;Ladakis et al, 2013;Triulzi, 2008;Danisevskis et al, 2014). For instance, in Ladakis et al (2013) the GPU is used to implement a stealthy keylogger.…”

Section: Related Workmentioning

confidence: 97%

See 1 more Smart Citation

The impact of GPU-assisted malware on memory forensics: A case study

Balzarotti

Pietro²,

Villani

2015

Digital Investigation

View full text Add to dashboard Cite

a b s t r a c tIn this paper we assess the impact of GPU-assisted malware on memory forensics. In particular, we first introduce four different techniques that malware can adopt to hide its presence. We then present a case study on a very popular family of Intel GPUs, and we analyze in which cases the forensic analysis can be performed using only the host's memory and in which cases it requires access to the GPU's memory. Our analysis shows that, by offloading some computation to the GPUs, it is possible to successfully hide some malicious behavior. Furthermore, we provide suggestions and insights about which artifacts could be used to detect the presence of GPU-assisted malware.

show abstract

Section: Related Workmentioning

confidence: 97%

“…In Triulzi (2008) the author shows how the GPU and NIC with a malicious firmware can be used to exfiltrate data from the host's memory. Finally, in Danisevskis et al (2014) the authors describe an attack targeting a mobile GPU. In such case a vulnerability in the driver is exploited to take over the memory protection mechanism of the GPU.…”

Section: Related Workmentioning

confidence: 99%

The impact of GPU-assisted malware on memory forensics: A case study

Balzarotti

Pietro²,

Villani

2015

Digital Investigation

View full text Add to dashboard Cite

show abstract

“…Our research results show that the TDR is not foolproof. There are still potential vulnerabilities that attackers can exploit to bypass the TDR and execute malicious code on the GPU memory [47]. We tempted attacks on windows 7 with Nvidia GPU and Intel GPU, windows 10 with Nvidia GPU and Intel GPU and Windows 11 with integrated iRIS GPU.…”

Section: Gpu Dos Vulnerabilitiesmentioning

confidence: 99%

Sidebar Attacks on Gpus

2023

IRJMETS

View full text Add to dashboard Cite

Sidebar attacks on graphics processing units (GPUs) are a potential security threat to modern GPU architectures. We examine the feasibility of such attacks and the potential defences that could be implemented. Specifically, sidebar attacks occur through the architectural side channel of GPUs such as Open Computing Library (OpenCL), Web Graphic Library (WebGL) and Compute Unified Device Architecture (CUDA). Furthermore, we analyse GPU DOS attacks and memory exploitation attack strategies as entry into the GPU memory. In addition, the potential for operating system-level protections, such as Timeout Detection and Recovery (TDR), to detect and respond to such attacks is also analysed. Finally, a series of experiments demonstrate the efficacy of the proposed defences and the potential of sidebar attacks on GPUs. In these experiments, we found that memory isolation, Address Space Layout Randomisation (ASLR) and TDR on the operating system's timer can effectively prevent sidebar attacks on GPUs.

show abstract

“…They also recommend that checking the graphic page tables, hangcheck flag, list of buffer objects, contexts and register files can provide an insight into the type of malware present. Danisevskis et al [37] demonstrate an attack whereby an adversary can exploit DMA to bypass GPU memory protection schemes and gain access to privileged regions of the memory. They demonstrate these attacks on an Android smart-phone with sound memory isolation and security mechanisms.…”

Section: Tablementioning

confidence: 99%

A Survey of Techniques for Improving Security of GPUs

et al. 2018

View full text Add to dashboard Cite

Graphics processing unit (GPU), although a powerful performance-booster, also has many security vulnerabilities. Due to these, the GPU can act as a safe-haven for stealthy malware and the weakest 'link' in the security 'chain'. In this paper, we present a survey of techniques for analyzing and improving GPU security. We classify the works on key attributes to highlight their similarities and differences. More than informing users and researchers about GPU security techniques, this survey aims to increase their awareness about GPU security vulnerabilities and potential countermeasures.

show abstract

Dark Side of the Shader: Mobile GPU-Aided Malware Delivery

Cited by 9 publications

References 5 publications

The impact of GPU-assisted malware on memory forensics: A case study

The impact of GPU-assisted malware on memory forensics: A case study

Sidebar Attacks on Gpus

A Survey of Techniques for Improving Security of GPUs

Contact Info

Product

Resources

About