GPUs: Excellent Performance, But What About Security?

By Sparsh Mittal

May 31, 2018

Editor’s note: CPU security has grabbed the tech world’s attention in the wake of the Meltdown and Spectre vulnerability discoveries, but with the rise of GPU-computing and heterogeneous computing, security is not just a central processor concern. Computer scientist Sparsh Mittal is pioneering research into GPU security and has offered this article as a synopsis of his Survey of Techniques for Improving Security of GPUs (coauthored with Abhinaya S B, Manish Reddy, and Irfan Ali).

Mittal also shared some additional context on why this issue would be of concern to HPC users and adminstrators.

“Large HPC systems/clusters are invariably shared among multiple users. Hence, the impact of “denial-of-service” attack, (which implies making GPU too busy to prevent it from servicing other users’ request) becomes high. This attack is relatively easy to launch, but as you can see from Table 9 of our paper, major operating systems, e.g., Windows 7/XP, Mac OS X and Redhat Linux do not offer protection from this attack,” he wrote via email.

“Another way to look at the impact on HPC consumers is: security comes at performance cost. For example, in existing GPUs, only one cudaContext can run at a time and thus, a data-leakage attack can obtain only the final snapshot of the previous process. However, to better utilize GPU resources, future GPUs may allow multiprogramming and thus, multiple kernels can run simultaneously on GPUs. However, this makes GPUs vulnerable to covert-channel attack, since an attacker can co-locate a trojan process which can leak the data of a running process.”

GPUs, which were originally used for a narrow range of graphics applications, are now spreading their wings to a broad spectrum of compute-intensive and mission-critical applications, most notably, cryptography, finance, health, space and defense. After passing the initial ‘rounds’ of scrutiny on the metrics of performance and energy, it is time that GPUs face and pass the test on the metric of security, which is especially crucial in mission-critical applications.

The ESEA company incident

Recently, a malicious person hid a bitcoin miner in ESEA (a video game service) software. This miner used the GPUs in users’ machines to earn cryptocurrency without their knowledge. The miner overheated and harmed the machines by overloading the GPUs.

Security threats are real and far-reaching!

While overloading others’ GPUs is certainly a threat, there are other, even more severe, threats which have been recently brought to light. For example, in GPU memories, such as global, shared and local memory, deallocated data are not erased. This can allow a malicious agent to launch an information leakage attack and leak sensitive data such as credit card numbers and email contents from remnant data in GPU memory. Similarly, an attacker can guess the opened tabs from Google chrome, figure-portions from recently-opened Adobe Reader documents and portions of images from MATLAB.

To allow sharing GPUs among multiple users, major cloud services provide GPU computing platforms. However, different users in the cloud computing scenario may not trust other. For example, an adversary can rent a GPU-based virtual machine (VM) and leak information of users using other VMs on the same system via GPU memory. Clearly, with GPU virtualization approach, the risks of information-leakage are even higher than that with native execution.

Further, in the absence of rigorous memory-access protection mechanisms, an adversary can launch buffer overflow attack (e.g., stack overflow and heap overflow) for corrupting sensitive data or changing the execution flow. Also, since WebGL allows browsers to utilize GPUs for accelerating webpage rendering, an attacker can launch denial-of-service attack by enticing a user to open a malicious website which overloads user’s GPUs. Furthermore, GPUs may host malware such as keyboard loggers that stealthily log keyboard activity for stealing sensitive data.

In fact, due to their computational capabilities, GPUs are used for accelerating encryption algorithms such as AES (advanced encryption standard). However, while GPU is performing encryption, an attacker can leak the key by launching a side-channel attack. For example, he can leverage the correlation between execution time and shared-memory conflicts or the number of coalesced accesses sent to global memory. Our recent survey paper reviews all these attacks, along with their countermeasures in more detail.

Security through obscurity: a mixed blessing

GPU vendors take “security-through-obscurity approach” for securing GPUs. While lack of knowledge about GPU microarchitecture makes it difficult for malicious agents to launch an attack, it also makes it difficult for researchers to propose security solutions. Evidently, security-through-obscurity approach, per se, is not sufficient for ensuring GPU security.

CPU based solutions: not enough

The decades of research on CPU security may be useful, but not sufficient, for designing GPU security solutions. After launching the program on the GPU, the CPU remains isolated and thus, it cannot monitor the execution of GPU. Hence, security mechanisms proposed on CPUs, such as a CPU taint-tracking scheme may not work for GPUs. For example, they may not detect a GPU-resident malware and thus, an attacker can load a compressed/encrypted code on GPU and then call a GPU kernel to quickly unpack/decrypt the code which starts working as a malware. Similarly, since a sharp increase in GPU load is likely to go undetected more easily compared to that in CPU load, a GPU malware is stealthier. Clearly, we need novel, GPU-specific solutions for ensuring its security.

The silver lining

Although these threats exist, there are also reasons which make it difficult to attack a GPU. With its huge number of threads, GPU can simultaneously perform multiple encryptions and hence, the timing of individual encryptions cannot be measured. This makes it more difficult to form accurate timing side-channel. Also, in a cloud environment, both the cloud and GPU architectures offer layers of obscurity which makes it difficult to launch an attack on GPUs. Further, some of the vulnerabilities in earlier GPU hardware/drivers have been addressed in their recent versions.

Nonetheless, the task of securing GPUs is a never-ending one since, while some researchers design a secure GPU or propose a security technique, others point out its vulnerabilities. Since even one loophole in security can be exploited to take full-control of the system, the goal of security requires the architects to be always on vigil!

Implications on the future processing units (PUs)

With the era of AI ushering in, nearly every leading vendor is designing their own custom PUs for accelerating AI applications, such as the tensor processing unit (TPU) from Google. Just as GPUs rose to prominence in the last decade, these PUs are also expected to break previous performance records in very near future. But before we get too far optimizing these PUs for performance, it is imperative that we design them with security as the first-class design constraint, instead of retrofitting for it. The experiences of and failures in securing GPUs can teach us a lot in this regard. Let us learn from the history, instead of repeating it!

About the Author

Sparsh Mittal received the B.Tech. degree in electronics and communications engineering from IIT, Roorkee, India and the Ph.D. degree in computer engineering from Iowa State University (ISU), USA. He worked as a Post-Doctoral Research Associate at Oak Ridge National Lab (ORNL), USA for 3 years. He is currently working as an assistant professor at IIT Hyderabad, India. He was the graduating topper of his batch in B.Tech and has received fellowship from ISU and performance award from ORNL. Sparsh has published more than 70 papers in top conferences and journals. His research interests include accelerators for machine learning, non-volatile memory, and GPU architectures. His webpage is http://www.iith.ac.in/~sparsh/

Subscribe to HPCwire's Weekly Update!

Be the most informed person in the room! Stay ahead of the tech trends with industy updates delivered to you every week!

What’s New in HPC Research: Quantum Clouds, Interatomic Models, Genetic Algorithms & More

February 14, 2020

In this bimonthly feature, HPCwire highlights newly published research in the high-performance computing community and related domains. From parallel programming to exascale to quantum computing, the details are here. Read more…

By Oliver Peckham

The Massive GPU Cloudburst Experiment Plays a Smaller, More Productive Encore

February 13, 2020

In November, researchers at the San Diego Supercomputer Center (SDSC) and the IceCube Particle Astrophysics Center (WIPAC) set out to break the internet – or at least, pull off the cloud HPC equivalent. As part of thei Read more…

By Oliver Peckham

ORNL Team Develops AI-based Cancer Text Mining Tool on Summit

February 13, 2020

A group of Oak Ridge National Laboratory researchers working on the Summit supercomputer has developed a new neural network tool for fast extraction of information from cancer pathology reports to speed research and clin Read more…

By John Russell

Nature Serves up Another Challenge to Quantum Computing?

February 13, 2020

Just when you thought it was safe to assume quantum computing – though distant – would eventually succumb to clever technology, another potentially confounding factor pops up. It’s the Heisenberg Limit (HL), close Read more…

By John Russell

Researchers Enlist Three Supercomputers to Apply Deep Learning to Extreme Weather

February 12, 2020

When it comes to extreme weather, an errant forecast can have serious effects. While advance warning can give people time to prepare for the weather as it did with the polar vortex last year, the absence of accurate adva Read more…

By Oliver Peckham

AWS Solution Channel

Challenging the barriers to High Performance Computing in the Cloud

Cloud computing helps democratize High Performance Computing by placing powerful computational capabilities in the hands of more researchers, engineers, and organizations who may lack access to sufficient on-premises infrastructure. Read more…

IBM Accelerated Insights

Intelligent HPC – Keeping Hard Work at Bay(es)

Since the dawn of time, humans have looked for ways to make their lives easier. Over the centuries human ingenuity has given us inventions such as the wheel and simple machines – which help greatly with tasks that would otherwise be extremely laborious. Read more…

Eni to Retake Industry HPC Crown with Launch of HPC5

February 12, 2020

With the launch of its Dell-built HPC5 system, Italian energy company Eni regains its position atop the industrial supercomputing leaderboard. At 52-petaflops peak, HPC5 should easily crack the top ten fold of the next T Read more…

By Tiffany Trader

The Massive GPU Cloudburst Experiment Plays a Smaller, More Productive Encore

February 13, 2020

In November, researchers at the San Diego Supercomputer Center (SDSC) and the IceCube Particle Astrophysics Center (WIPAC) set out to break the internet – or Read more…

By Oliver Peckham

Eni to Retake Industry HPC Crown with Launch of HPC5

February 12, 2020

With the launch of its Dell-built HPC5 system, Italian energy company Eni regains its position atop the industrial supercomputing leaderboard. At 52-petaflops p Read more…

By Tiffany Trader

Trump Budget Proposal Again Slashes Science Spending

February 11, 2020

President Donald Trump’s FY2021 U.S. Budget, submitted to Congress this week, again slashes science spending. It’s a $4.8 trillion statement of priorities, Read more…

By John Russell

Policy: Republicans Eye Bigger Science Budgets; NSF Celebrates 70th, Names Idea Machine Winners

February 5, 2020

It’s a busy week for science policy. Yesterday, the National Science Foundation announced winners of its 2026 Idea Machine contest seeking directions for futu Read more…

By John Russell

Fujitsu A64FX Supercomputer to Be Deployed at Nagoya University This Summer

February 3, 2020

Japanese tech giant Fujitsu announced today that it will supply Nagoya University Information Technology Center with the first commercial supercomputer powered Read more…

By Tiffany Trader

Intel Stopping Nervana Development to Focus on Habana AI Chips

February 3, 2020

Just two months after acquiring Israeli AI chip start-up Habana Labs for $2 billion, Intel is stopping development of its existing Nervana neural network proces Read more…

By John Russell

Lise Supercomputer, Part of HLRN-IV, Begins Operations

January 29, 2020

The second phase of the build-out of HLRN-IV – the planned 16 peak-petaflops supercomputer serving the North-German Supercomputing Alliance (HLRN) – is unde Read more…

By Staff report

IBM Debuts IC922 Power Server for AI Inferencing and Data Management

January 28, 2020

IBM today launched a Power9-based inference server – the IC922 – that features up to six Nvidia T4 GPUs, PCIe Gen 4 and OpenCAPI connectivity, and can accom Read more…

By John Russell

Julia Programming’s Dramatic Rise in HPC and Elsewhere

January 14, 2020

Back in 2012 a paper by four computer scientists including Alan Edelman of MIT introduced Julia, A Fast Dynamic Language for Technical Computing. At the time, t Read more…

By John Russell

Cray, Fujitsu Both Bringing Fujitsu A64FX-based Supercomputers to Market in 2020

November 12, 2019

The number of top-tier HPC systems makers has shrunk due to a steady march of M&A activity, but there is increased diversity and choice of processing compon Read more…

By Tiffany Trader

SC19: IBM Changes Its HPC-AI Game Plan

November 25, 2019

It’s probably fair to say IBM is known for big bets. Summit supercomputer – a big win. Red Hat acquisition – looking like a big win. OpenPOWER and Power processors – jury’s out? At SC19, long-time IBMer Dave Turek sketched out a different kind of bet for Big Blue – a small ball strategy, if you’ll forgive the baseball analogy... Read more…

By John Russell

Intel Debuts New GPU – Ponte Vecchio – and Outlines Aspirations for oneAPI

November 17, 2019

Intel today revealed a few more details about its forthcoming Xe line of GPUs – the top SKU is named Ponte Vecchio and will be used in Aurora, the first plann Read more…

By John Russell

Dell Ramps Up HPC Testing of AMD Rome Processors

October 21, 2019

Dell Technologies is wading deeper into the AMD-based systems market with a growing evaluation program for the latest Epyc (Rome) microprocessors from AMD. In a Read more…

By John Russell

IBM Unveils Latest Achievements in AI Hardware

December 13, 2019

“The increased capabilities of contemporary AI models provide unprecedented recognition accuracy, but often at the expense of larger computational and energet Read more…

By Oliver Peckham

SC19: Welcome to Denver

November 17, 2019

A significant swath of the HPC community has come to Denver for SC19, which began today (Sunday) with a rich technical program. As is customary, the ribbon cutt Read more…

By Tiffany Trader

D-Wave’s Path to 5000 Qubits; Google’s Quantum Supremacy Claim

September 24, 2019

On the heels of IBM’s quantum news last week come two more quantum items. D-Wave Systems today announced the name of its forthcoming 5000-qubit system, Advantage (yes the name choice isn’t serendipity), at its user conference being held this week in Newport, RI. Read more…

By John Russell

Leading Solution Providers

SC 2019 Virtual Booth Video Tour

AMD
AMD
ASROCK RACK
ASROCK RACK
AWS
AWS
CEJN
CJEN
CRAY
CRAY
DDN
DDN
DELL EMC
DELL EMC
IBM
IBM
MELLANOX
MELLANOX
ONE STOP SYSTEMS
ONE STOP SYSTEMS
PANASAS
PANASAS
SIX NINES IT
SIX NINES IT
VERNE GLOBAL
VERNE GLOBAL
WEKAIO
WEKAIO

Jensen Huang’s SC19 – Fast Cars, a Strong Arm, and Aiming for the Cloud(s)

November 20, 2019

We’ve come to expect Nvidia CEO Jensen Huang’s annual SC keynote to contain stunning graphics and lively bravado (with plenty of examples) in support of GPU Read more…

By John Russell

51,000 Cloud GPUs Converge to Power Neutrino Discovery at the South Pole

November 22, 2019

At the dead center of the South Pole, thousands of sensors spanning a cubic kilometer are buried thousands of meters beneath the ice. The sensors are part of Ic Read more…

By Oliver Peckham

Fujitsu A64FX Supercomputer to Be Deployed at Nagoya University This Summer

February 3, 2020

Japanese tech giant Fujitsu announced today that it will supply Nagoya University Information Technology Center with the first commercial supercomputer powered Read more…

By Tiffany Trader

Top500: US Maintains Performance Lead; Arm Tops Green500

November 18, 2019

The 54th Top500, revealed today at SC19, is a familiar list: the U.S. Summit (ORNL) and Sierra (LLNL) machines, offering 148.6 and 94.6 petaflops respectively, Read more…

By Tiffany Trader

Azure Cloud First with AMD Epyc Rome Processors

November 6, 2019

At Ignite 2019 this week, Microsoft's Azure cloud team and AMD announced an expansion of their partnership that began in 2017 when Azure debuted Epyc-backed instances for storage workloads. The fourth-generation Azure D-series and E-series virtual machines previewed at the Rome launch in August are now generally available. Read more…

By Tiffany Trader

Intel’s New Hyderabad Design Center Targets Exascale Era Technologies

December 3, 2019

Intel's Raja Koduri was in India this week to help launch a new 300,000 square foot design and engineering center in Hyderabad, which will focus on advanced com Read more…

By Tiffany Trader

Using AI to Solve One of the Most Prevailing Problems in CFD

October 17, 2019

How can artificial intelligence (AI) and high-performance computing (HPC) solve mesh generation, one of the most commonly referenced problems in computational engineering? A new study has set out to answer this question and create an industry-first AI-mesh application... Read more…

By James Sharpe

In Memoriam: Steve Tuecke, Globus Co-founder

November 4, 2019

HPCwire is deeply saddened to report that Steve Tuecke, longtime scientist at Argonne National Lab and University of Chicago, has passed away at age 52. Tuecke Read more…

By Tiffany Trader

  • arrow
  • Click Here for More Headlines
  • arrow
Do NOT follow this link or you will be banned from the site!
Share This