07/04/2016 - 07/04/2016
Graphics Processing Units (GPUs) have become an integral part of modern systems, but their implications for system security are not yet clear. In this talk I will discuss our ongoing research in security of GPU-accelerated systems. Specifically, I will show that, in contrast to previous publications, GPUs cannot be used as secure co-processors. Moreover, GPU themselves may serve a platform for running highly stealthy malware with unlimited access to system memory. I will describe two new attacks, one which modifies the GPU closed-source binary driver in OS kernel memory, and another one that infects the GPU firmware. Both attacks enable unlimited access to CPU memory, in addition bypassing IOTLB protection. We also demonstrate a new GPU-based covert channel which enables hidden bi-directional communications with network servers from a standard web browser.