Data remanence and digital forensic investigation for CUDA Graphics Processing Units

Bellekens, Xavier; Paul, Greig; Irvine, James; Tachtatzis, Christos; Atkinson, Robert; Kirkham, Tony; Renfrew, Craig

doi:10.1109/inm.2015.7140493

Cited by 4 publications

(6 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Data Remanence Attacks: Data remanence in the context of storage devices has been studied extensively in the literature. We refer the reader to the vast body of literature on that topic [19], [20], [4], [5]. Networks are also vulnerable to memory data remanence attacks as memory is a main component of switches.…”

Section: Related Workmentioning

confidence: 99%

More than a Fair Share: Network Data Remanence Attacks against Secret Sharing-based Schemes

Rashidi

Kostecki²,

James

et al. 2021

Proceedings 2021 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

With progress toward a practical quantum computer has come an increasingly rapid search for quantum-safe, secure communication schemes that do not rely on discrete logarithm or factorization problems. One such encryption scheme, Multi-path Switching with Secret Sharing (MSSS), combines secret sharing with multi-path switching to achieve security as long as the adversary does not have global observability of all paths and thus cannot capture enough shares to reconstruct messages. MSSS assumes that sending a share on a path is an atomic operation and all paths have the same delay. We identify a side-channel vulnerability for MSSS, created by the fact that in real networks, sending a share is not an atomic operation as paths have multiple hops and different delays. This channel, referred to as Network Data Remanence (NDR), is present in all schemes like MSSS whose security relies on transfer atomicity and all paths having the same delay. We demonstrate the presence of NDR in a physical testbed. We then identify two new attacks that aim to exploit the side-channel, referred to as NDR Blind and NDR Planned, propose an analytical model to analyze the attacks, and demonstrate them using an implementation of MSSS based on the ONOS SDN controller. Finally, we present a countermeasure for the attacks and show its effectiveness in simulations and Mininet experiments. DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.

show abstract

Section: Related Workmentioning

confidence: 99%

More than a Fair Share: Network Data Remanence Attacks against Secret Sharing-based Schemes

Rashidi

Kostecki²,

James

et al. 2021

Proceedings 2021 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…Bellekens et al [36] discuss ways in which remanent sensitive data may be leaked from the global, shared and texture memory of a GPU. For GlM, a benign user transfers data from the host to the GPU using cudaMalloc and cudaMemcpy.…”

Section: Leakage Through Processor Componentsmentioning

confidence: 99%

A Survey of Techniques for Improving Security of GPUs

et al. 2018

View full text Add to dashboard Cite

Graphics processing unit (GPU), although a powerful performance-booster, also has many security vulnerabilities. Due to these, the GPU can act as a safe-haven for stealthy malware and the weakest 'link' in the security 'chain'. In this paper, we present a survey of techniques for analyzing and improving GPU security. We classify the works on key attributes to highlight their similarities and differences. More than informing users and researchers about GPU security techniques, this survey aims to increase their awareness about GPU security vulnerabilities and potential countermeasures.

show abstract

“…Having the ability to investigate the operation of CUDAbased software is of great importance, specifically given the well-documented use of GPUs for the unauthorised processing of potentially confidential data [1], as well as for use in compression and cryptography [15]. With sensitive data routinely being exposed to GPUs, the ability for forensic investigators to respond to security incidents involving the potential compromise of these systems and rapidly investigate the precise nature of the suspect code involved, is critical to presenting an effective incident response.…”

Section: Reverse Engineering and Rela-tion To Cudamentioning

confidence: 99%

“…Being able to identify the operations carried out may allow an investigator to establish the potential exposure of confidential information, or to identify what operations were carried out on data previously held on the GPU [1]. Analysis may be necessary for the purpose of creating intrusion detection system signatures [2] or the detection and classification of similar threats in future.…”

Section: Introductionmentioning

confidence: 99%

“…In the case of forensic investigation, the ability to analyse GPU-based memory may yield important clues as to the data which was processed by the GPU and therefore what data may have been accessed by an attacker, as a result of data remanence on GPUs [1]. This analysis, however, requires a forensic investigator to know specific details of memory allocation of the CUDA binary, which would need to be obtained through reverse engineering of the target CUDA software.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Strategies for Protecting Intellectual Property when Using CUDA Applications on Graphics Processing Units

Bellekens

Paul

Tachtatzis

et al. 2016

Proceedings of the 9th International Conference on Security of Information and Networks

Self Cite

View full text Add to dashboard Cite

This version is available at https://strathprints.strath.ac.uk/56898/ Strathprints is designed to allow users to access the research output of the University of Strathclyde. Unless otherwise explicitly stated on the manuscript, Copyright © and Moral Rights for the papers on this site are retained by the individual authors and/or other copyright owners. Please check the manuscript for details of any other licences that may have been applied. You may not engage in further distribution of the material for any profitmaking activities or any commercial gain. You may freely distribute both the url (https://strathprints.strath.ac.uk/) and the content of this paper for research or private study, educational, or not-for-profit purposes without prior permission or charge.Any correspondence concerning this service should be sent to the Strathprints administrator: strathprints@strath.ac.ukThe Strathprints institutional repository (https://strathprints.strath.ac.uk) is a digital archive of University of Strathclyde research outputs. It has been developed to disseminate open access research outputs, expose data about those outputs, and enable the management and persistent access to Strathclyde's intellectual output. Strategies for Protecting Intellectual Property when Using CUDA Applications on Graphics Processing Units ABSTRACTRecent advances in the massively parallel computational abilities of graphical processing units (GPUs) have increased their use for general purpose computation, as companies look to take advantage of big data processing techniques. This has given rise to the potential for malicious software targeting GPUs, which is of interest to forensic investigators examining the operation of software. The ability to carry out reverse-engineering of software is of great importance within the security and forensics fields, particularly when investigating malicious software or carrying out forensic analysis following a successful security breach. Due to the complexity of the Nvidia CUDA (Compute Unified Device Architecture) framework, it is not clear how best to approach the reverse engineering of a piece of CUDA software. We carry out a review of the different binary output formats which may be encountered from the CUDA compiler, and their implications on reverse engineering. We then demonstrate the process of carrying out disassembly of an example CUDA application, to establish the various techniques available to forensic investigators carrying out black-box disassembly and reverse engineering of CUDA binaries. We show that the Nvidia compiler, using default settings, leaks useful information. Finally, we demonstrate techniques to better protect intellectual property in CUDA algorithm implementations from reverse engineering.

show abstract

Data remanence and digital forensic investigation for CUDA Graphics Processing Units

Cited by 4 publications

References 10 publications

More than a Fair Share: Network Data Remanence Attacks against Secret Sharing-based Schemes

More than a Fair Share: Network Data Remanence Attacks against Secret Sharing-based Schemes

A Survey of Techniques for Improving Security of GPUs

Strategies for Protecting Intellectual Property when Using CUDA Applications on Graphics Processing Units

Contact Info

Product

Resources

About