Rootkit inside GPU Kernel Execution

Cited 0 time in webofscience Cited 0 time in scopus
  • Hit : 313
  • Download : 0
We propose a rootkit installation method inside a GPU kernel execution process which works through GPU context manipulation. In GPU-based applications such as deep learning computations and cryptographic operations, the proposed method uses the feature by which the execution flow of the GPU kernel obeys the GPU context information in GPU memory. The proposed method consists of two key ideas. The first is GPU code manipulation, which is able to hijack the execution flow of the original GPU kernel to execute an injected payload without affecting the original GPU computation result. The second is a self-page-table update execution during which the GPU kernel updates its page table to access any location in system memory. After the installation, the malicious payload is executed only in the GPU kernel, and any no evidence remains in system memory. Thus, it cannot be detected by conventional rootkit detection methods.
Publisher
IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG
Issue Date
2019-11
Language
English
Article Type
Article
Citation

IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, v.E102D, no.11, pp.2261 - 2264

ISSN
1745-1361
DOI
10.1587/transinf.2019EDL8104
URI
http://hdl.handle.net/10203/268448
Appears in Collection
CS-Journal Papers(저널논문)
Files in This Item
There are no files associated with this item.

qr_code

  • mendeley

    citeulike


rss_1.0 rss_2.0 atom_1.0