GPU-assisted malware

Vasiliadis, Giorgos; Polychronakis, Michalis; Ioannidis, Sotiris

doi:10.1109/malware.2010.5665801

Cited by 19 publications

(18 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…While host code can be reverse engineered using standard techniques [9], there is currently very limited research into the background information necessary to investigate the CUDAbased code [22] [20].…”

Section: Reverse Engineering and Rela-tion To Cudamentioning

confidence: 99%

“…Reverse engineering of CUDA-based GPU binaries may be necessary, for example, to investigate the extent and impact of a security breach, where suspected malicious code is executed on a GPU [12] [22]. Being able to identify the operations carried out may allow an investigator to establish the potential exposure of confidential information, or to identify what operations were carried out on data previously held on the GPU [1].…”

Section: Introductionmentioning

confidence: 99%

“…Given that GPUs come into contact with potentially sensitive data being processed, they are a clear and attractive target for malicious software [22] [19]. For this reason, writers of malicious software may wish to prevent their code from being understood, and those using GPUs for data processing may wish to understand the actions a piece of software carried on their GPU.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Strategies for Protecting Intellectual Property when Using CUDA Applications on Graphics Processing Units

Bellekens

Paul

Tachtatzis

et al. 2016

Proceedings of the 9th International Conference on Security of Information and Networks

View full text Add to dashboard Cite

This version is available at https://strathprints.strath.ac.uk/56898/ Strathprints is designed to allow users to access the research output of the University of Strathclyde. Unless otherwise explicitly stated on the manuscript, Copyright © and Moral Rights for the papers on this site are retained by the individual authors and/or other copyright owners. Please check the manuscript for details of any other licences that may have been applied. You may not engage in further distribution of the material for any profitmaking activities or any commercial gain. You may freely distribute both the url (https://strathprints.strath.ac.uk/) and the content of this paper for research or private study, educational, or not-for-profit purposes without prior permission or charge.Any correspondence concerning this service should be sent to the Strathprints administrator: strathprints@strath.ac.ukThe Strathprints institutional repository (https://strathprints.strath.ac.uk) is a digital archive of University of Strathclyde research outputs. It has been developed to disseminate open access research outputs, expose data about those outputs, and enable the management and persistent access to Strathclyde's intellectual output. Strategies for Protecting Intellectual Property when Using CUDA Applications on Graphics Processing Units ABSTRACTRecent advances in the massively parallel computational abilities of graphical processing units (GPUs) have increased their use for general purpose computation, as companies look to take advantage of big data processing techniques. This has given rise to the potential for malicious software targeting GPUs, which is of interest to forensic investigators examining the operation of software. The ability to carry out reverse-engineering of software is of great importance within the security and forensics fields, particularly when investigating malicious software or carrying out forensic analysis following a successful security breach. Due to the complexity of the Nvidia CUDA (Compute Unified Device Architecture) framework, it is not clear how best to approach the reverse engineering of a piece of CUDA software. We carry out a review of the different binary output formats which may be encountered from the CUDA compiler, and their implications on reverse engineering. We then demonstrate the process of carrying out disassembly of an example CUDA application, to establish the various techniques available to forensic investigators carrying out black-box disassembly and reverse engineering of CUDA binaries. We show that the Nvidia compiler, using default settings, leaks useful information. Finally, we demonstrate techniques to better protect intellectual property in CUDA algorithm implementations from reverse engineering.

show abstract

Section: Reverse Engineering and Rela-tion To Cudamentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Strategies for Protecting Intellectual Property when Using CUDA Applications on Graphics Processing Units

Bellekens

Paul

Tachtatzis

et al. 2016

Proceedings of the 9th International Conference on Security of Information and Networks

View full text Add to dashboard Cite

show abstract

“…Some academic studies also utilize GPUs for conducting general security attacks. Vasiliadis et al [36] shows the possibility of malware obfuscation using GPUs. First, they load an encrypted malware on a host's main memory and map its memory address to GPU memory to enable direct access on the memory from GPUs, also known as zero-copy memory [2].…”

Section: B Security Attacks Using Gpusmentioning

confidence: 99%

Stealing Webpages Rendered on Your Browser by Exploiting GPU Vulnerabilities

Lee

Kim

et al. 2014

2014 IEEE Symposium on Security and Privacy

View full text Add to dashboard Cite

Abstract-Graphics processing units (GPUs) are important components of modern computing devices for not only graphics rendering, but also efficient parallel computations. However, their security problems are ignored despite their importance and popularity. In this paper, we first perform an in-depth security analysis on GPUs to detect security vulnerabilities. We observe that contemporary, widely-used GPUs, both NVIDIA's and AMD's, do not initialize newly allocated GPU memory pages which may contain sensitive user data. By exploiting such vulnerabilities, we propose attack methods for revealing a victim program's data kept in GPU memory both during its execution and right after its termination. We further show the high applicability of the proposed attacks by applying them to the Chromium and Firefox web browsers which use GPUs for accelerating webpage rendering. We detect that both browsers leave rendered webpage textures in GPU memory, so that we can infer which webpages a victim user has visited by analyzing the remaining textures. The accuracy of our advanced inference attack that uses both pixel sequence matching and RGB histogram matching is up to 95.4%.

show abstract

“…In [60] Vasiliadis, Polychronakis, and Ioannidis describe an implementation of a malware unpacker running on an NVIDIA GPU. The complete malware package consists of two parts, the unpacker running on the GPU and the actual malware that runs on the CPU.…”

Section: Malware Targeting Gpusmentioning

confidence: 99%

Graphics Processing Units

Schwabe

2013

Secure Smart Embedded Devices, Platforms and Applications

View full text Add to dashboard Cite

Graphics Processing Units (GPUs) are coprocessors that traditionally perform the rendering of 2-dimensional and 3-dimensional graphics information for display on a screen. In particular computer games request more and more realistic real-time rendering of graphics data and so GPUs became more and more powerful highly parallel specialist computing units. It did not take long until programmers realized that this computational power can also be used for tasks other than computer graphics. For example already in 1990 Lengyel, Reichert, Donald, and Greenberg used GPUs for real-time robot motion planning [43]. In 2003 Harris introduced the term general-purpose computations on GPUs (GPGPU) [28] for such non-graphics applications running on GPUs. At that time programming general-purpose computations on GPUs meant expressing all algorithms in terms of operations on graphics data, pixels and vectors. This was feasible for speed-critical small programs and for algorithms that operate on vectors of floating-point values in a similar way as graphics data is typically processed in the rendering pipeline.The programming paradigm shifted when the two main GPU manufacturers, NVIDIA and AMD, changed the hardware architecture from a dedicated graphics-rendering pipeline to a multi-core computing platform, implemented shader algorithms of the rendering pipeline in software running on these cores, and explicitly supported general-purpose computations on GPUs by offering programming languages and software-development toolchains.This chapter first gives an introduction to the architectures of these modern GPUs and the tools and languages to program them. Then it highlights several applications of GPUs related to information security with a focus on applications in cryptography and cryptanalysis.

show abstract

GPU-assisted malware

Cited by 19 publications

References 4 publications

Strategies for Protecting Intellectual Property when Using CUDA Applications on Graphics Processing Units

Strategies for Protecting Intellectual Property when Using CUDA Applications on Graphics Processing Units

Stealing Webpages Rendered on Your Browser by Exploiting GPU Vulnerabilities

Graphics Processing Units

Contact Info

Product

Resources

About