Researcher found how to use Nvidia GPU to spy on browser activity, steal passwords

Nvidia GPUs side channel attacks

Researchers at the University of California, Riverside, have discovered three ways in which hackers can use GPUs to break user security and privacy defenses. These technologies can be used to monitor browser activity, steal passwords, and launch attacks against cloud-based applications. The first item described in the research report points to the insecure rendering of GPU bypass attacks.

The original title of the paper is “Rendered Insecure: GPU Side Channel Attacks are Practical.” It claims that this is the first time people have successfully initiated a bypass attack on the GPU.

“The first attack tracks user activity on the web. When the victim opens the malicious app, it uses OpenGL to create a spy to infer the behavior of the browser as it uses the GPU. Every website has a unique trace in terms of GPU memory utilization due to the different number of objects and different sizes of objects being rendered. This signal is consistent across loading the same website several times and is unaffected by caching.”

“In the second attack, the authors extracted user passwords. Each time the user types a character, the whole password textbox is uploaded to GPU as a texture to be rendered. Monitoring the interval time of consecutive memory allocation events leaked the number of password characters and inter-keystroke timing, well-established techniques for learning passwords.”

This vulnerability also allows an attacker to extract passwords from GPU data.

“The third attack targets a computational application in the cloud. The attacker launches a malicious computational workload on the GPU which operates alongside the victim’s application. Depending on neural network parameters, the intensity and pattern of contention on the cache, memory and functional units differ over time, creating measurable leakage. The attacker uses machine learning-based classification on performance counter traces to extract the victim’s secret neural network structure, such as number of neurons in a specific layer of a deep neural network.”

Fortunately, after the team informed Nvidia of their findings, the company said it would introduce a patch to system administrators so they could block access to performance counters from user-level processes. At the same time, the research team also informed AMD and the Intel security team about the same thing so that they could assess whether these vulnerabilities would be exploited on their products.

Via: UC Riverside