Mind control attack: Undermining deep learning with GPU memory exploitation
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Park, Sang-Ok | ko |
| dc.contributor.author | Kwon, Ohmin | ko |
| dc.contributor.author | Kim, Yonggon | ko |
| dc.contributor.author | Cha, Sang Kil | ko |
| dc.contributor.author | Yoon, Hyunsoo | ko |
| dc.date.accessioned | 2021-03-17T06:10:14Z | - |
| dc.date.available | 2021-03-17T06:10:14Z | - |
| dc.date.created | 2021-03-17 | - |
| dc.date.created | 2021-03-17 | - |
| dc.date.issued | 2021-03 | - |
| dc.identifier.citation | COMPUTERS & SECURITY, v.102 | - |
| dc.identifier.issn | 0167-4048 | - |
| dc.identifier.uri | http://hdl.handle.net/10203/281609 | - |
| dc.description.abstract | Modern deep learning frameworks rely heavily on GPUs to accelerate the computation. However, the security implication of GPU device memory exploitation on deep learning frameworks has been largely neglected. In this paper, we argue that GPU device memory manipulation is a novel attack vector against deep learning systems. We present a novel attack method leveraging the attack vector, which makes deep learning predictions no longer different from random guessing by degrading the accuracy of the predictions. To the best of our knowledge, we are the first to show a practical attack that directly exploits deep learning frameworks through GPU memory manipulation. We confirmed that our attack works on three popular deep learning frameworks, TensorFlow, CNTK, and Caffe, running on CUDA. Finally, we propose potential defense mechanisms against our attack, and discuss concerns of GPU memory safety. (c) 2020 The Author(s). Published by Elsevier Ltd. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/) | - |
| dc.language | English | - |
| dc.publisher | ELSEVIER ADVANCED TECHNOLOGY | - |
| dc.title | Mind control attack: Undermining deep learning with GPU memory exploitation | - |
| dc.type | Article | - |
| dc.identifier.wosid | 000613150600001 | - |
| dc.identifier.scopusid | 2-s2.0-85098473619 | - |
| dc.type.rims | ART | - |
| dc.citation.volume | 102 | - |
| dc.citation.publicationname | COMPUTERS & SECURITY | - |
| dc.identifier.doi | 10.1016/j.cose.2020.102115 | - |
| dc.contributor.localauthor | Cha, Sang Kil | - |
| dc.contributor.localauthor | Yoon, Hyunsoo | - |
| dc.description.isOpenAccess | Y | - |
| dc.type.journalArticle | Article | - |
| dc.subject.keywordAuthor | Graphics process unit security | - |
| dc.subject.keywordAuthor | GPU memory exploit | - |
| dc.subject.keywordAuthor | Deep learning security | - |
| dc.subject.keywordAuthor | Reverse engineering | - |
| dc.subject.keywordAuthor | Compute unified device architecture | - |
- Appears in Collection
- CS-Journal Papers(저널논문)
- Files in This Item
- There are no files associated with this item.
This item is cited by other documents in WoS
| ⊙ Detail Information in WoSⓡ | Click to see |  |
| ⊙ Cited 7 items in WoS | Click to see citing articles in |  |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.