Data remanence and digital forensic investigation for CUDA Graphics Processing Units

Bellekens, Xavier and Paul, Greig and Irvine, James M. and Tachtatzis, Christos and Atkinson, Robert C. and Kirkham, Tony and Renfrew, Craig (2015) Data remanence and digital forensic investigation for CUDA Graphics Processing Units. In: 1ST IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT), 2015-05-11 - 2015-05-15, Ottawa Convention Center.

[thumbnail of Bellekens-etal-DISSECT2015-data-remanence-digital-forensic-investigation-CUDA]
Preview
 Text. Filename: Bellekens_etal_DISSECT2015_data_remanence_digital_forensic_investigation_CUDA.pdf
Accepted Author Manuscript
Download (235kB)| Preview

Abstract

This paper investigates the practicality of memory attacks on commercial Graphics Processing Units (GPUs). With recent advances in the performance and viability of using GPUs for various highly-parallelised data processing tasks, a number of security challenges are raised. Unscrupulous software running subsequently on the same GPU, either by the same user, or another user, in a multi-user system, may be able to gain access to the contents of the GPU memory. This contains data from previous program executions. In certain use-cases, where the GPU is used to offload intensive parallel processing such as pattern matching for an intrusion detection system, financial systems, or cryptographic algorithms, it may be possible for the GPU memory to contain privileged data, which would ordinarily be inaccessible to an unprivileged application running on the host computer. With GPUs potentially yielding access to confidential information, existing research in the field is built upon, to investigate the practicality of extracting data from global, shared and texture memory, and retrieving this data for further analysis. These techniques are also implemented on various GPUs using three different Nvidia CUDA versions. A novel methodology for digital forensic examination of GPU memory for remanent data is then proposed, along with some suggestions and considerations towards countermeasures and anti-forensic techniques

ORCID iDs

Bellekens, Xavier ORCID logoORCID: https://orcid.org/0000-0003-1849-5788, Paul, Greig ORCID logoORCID: https://orcid.org/0000-0002-6070-3192, Irvine, James M. ORCID logoORCID: https://orcid.org/0000-0003-2078-6517, Tachtatzis, Christos ORCID logoORCID: https://orcid.org/0000-0001-9150-6805, Atkinson, Robert C. ORCID logoORCID: https://orcid.org/0000-0002-6206-2229, Kirkham, Tony and Renfrew, Craig;
  • Item type:Conference or Workshop Item(Paper)
    ID code:53209
    Dates:
    Date
    Event
    May 2015
    Published
    5 February 2015
    Accepted
    Notes:© 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
    Subjects:Technology > Electrical engineering. Electronics Nuclear engineering
    Department:Faculty of Engineering > Electronic and Electrical Engineering
    Depositing user: Pure Administrator
    Date deposited:03 Jun 2015 09:18
    Last modified:11 Nov 2024 16:43
    Related URLs:
    URI:https://strathprints.strath.ac.uk/id/eprint/53209
CORE (COnnecting REpositories)