Confidential Computing on Heterogeneous CPU-GPU Systems: Survey and Future Directions
- URL: http://arxiv.org/abs/2408.11601v2
- Date: Tue, 3 Sep 2024 14:49:29 GMT
- Title: Confidential Computing on Heterogeneous CPU-GPU Systems: Survey and Future Directions
- Authors: Qifan Wang, David Oswald
- Abstract summary: In recent years, the widespread informatization and rapid data explosion have increased the demand for high-performance heterogeneous systems.
The combination of CPU and GPU is particularly popular due to its versatility.
Advances in privacy-preserving techniques, especially hardware-based Trusted Execution Environments (TEEs) offer effective protection for GPU applications.
- Score: 21.66522545303459
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: In recent years, the widespread informatization and rapid data explosion have increased the demand for high-performance heterogeneous systems that integrate multiple computing cores such as CPUs, Graphics Processing Units (GPUs), Application Specific Integrated Circuits (ASICs), and Field Programmable Gate Arrays (FPGAs). The combination of CPU and GPU is particularly popular due to its versatility. However, these heterogeneous systems face significant security and privacy risks. Advances in privacy-preserving techniques, especially hardware-based Trusted Execution Environments (TEEs), offer effective protection for GPU applications. Nonetheless, the potential security risks involved in extending TEEs to GPUs in heterogeneous systems remain uncertain and need further investigation. To investigate these risks in depth, we study the existing popular GPU TEE designs and summarize and compare their key implications. Additionally, we review existing powerful attacks on GPUs and traditional TEEs deployed on CPUs, along with the efforts to mitigate these threats. We identify potential attack surfaces introduced by GPU TEEs and provide insights into key considerations for designing secure GPU TEEs. This survey is timely as new TEEs for heterogeneous systems, particularly GPUs, are being developed, highlighting the need to understand potential security threats and build both efficient and secure systems.
Related papers
- Accelerating IoV Intrusion Detection: Benchmarking GPU-Accelerated vs CPU-Based ML Libraries [0.0]
Internet of Vehicles (IoV) may face challenging cybersecurity attacks that may require sophisticated intrusion detection systems.
This research investigates the performance advantages of GPU-accelerated libraries (cuML) compared to traditional CPU-based implementations.
arXiv Detail & Related papers (2025-04-02T17:04:53Z)
- SoK: Trusted Execution in SoC-FPGAs [0.8279005038289369]
Trusted Execution Environments (TEEs) have emerged at the forefront of edge computing to combat the lack of trust between system components.
FPGAs are commonly used as edge computers but were not created with security as a primary consideration.
We analyze the existing literature to systematize the applications and features of FPGA-based TEEs.
arXiv Detail & Related papers (2025-03-20T18:07:44Z)
- Crypto Miner Attack: GPU Remote Code Execution Attacks [0.0]
Remote Code Execution (RCE) exploits pose a significant threat to AI and ML systems.
This paper focuses on RCE attacks leveraging deserialization vulnerabilities and custom layers, such as Lambda layers.
We demonstrate an attack that utilizes these vulnerabilities to deploy a crypto miner on a GPU.
arXiv Detail & Related papers (2025-02-09T19:26:47Z)
- Fastrack: Fast IO for Secure ML using GPU TEEs [7.758531952461963]
GPU-based Trusted Execution Environments (TEEs) offer secure, high-performance solutions.
CPU-to-GPU communication overheads significantly hinder performance.
This paper analyzes Nvidia H100 TEE protocols and identifies three key overheads.
We propose Fastrack, optimizing with 1) direct GPU TEE communication, 2) parallelized authentication, and 3) overlapping decryption with PCI-e transmission.
arXiv Detail & Related papers (2024-10-20T01:00:33Z)
- Enabling High Data Throughput Reinforcement Learning on GPUs: A Domain Agnostic Framework for Data-Driven Scientific Research [90.91438597133211]
We introduce WarpSci, a framework designed to overcome crucial system bottlenecks in the application of reinforcement learning.
We eliminate the need for data transfer between the CPU and GPU, enabling the concurrent execution of thousands of simulations.
arXiv Detail & Related papers (2024-08-01T21:38:09Z)
- Do Not Trust Power Management: A Survey on Internal Energy-based Attacks Circumventing Trusted Execution Environments Security Properties [0.21665864340363084]
Since 2015, a new class of software-enabled hardware attacks leveraging energy management mechanisms has emerged.
Their aim is to bypass TEE security guarantees and expose sensitive information such as cryptographic keys.
This article presents the first comprehensive knowledge survey of these attacks, along with an evaluation of literature countermeasures.
arXiv Detail & Related papers (2024-05-24T13:26:39Z)
- Generative AI for Secure and Privacy-Preserving Mobile Crowdsensing [74.58071278710896]
Generative AI has attracted much attention from both academic and industrial fields.
Secure and privacy-preserving mobile crowdsensing (SPPMCS) has been widely applied in data collection/acquirement.
arXiv Detail & Related papers (2024-05-17T04:00:58Z)
- Networking Systems for Video Anomaly Detection: A Tutorial and Survey [55.28514053969056]
Video Anomaly Detection (VAD) is a fundamental research task within the Artificial Intelligence (AI) community.
With the advancements in deep learning and edge computing, VAD has made significant progress.
This article offers an exhaustive tutorial for novices in NSVAD.
arXiv Detail & Related papers (2024-05-16T02:00:44Z)
- Reconfigurable Edge Hardware for Intelligent IDS: Systematic Approach [0.0]
Intrusion detection systems (IDS) are crucial security measures nowadays to enforce network security.
In this paper, we analyze the concept of intelligent IDS (I-IDS) while addressing the specific requirements of Edge devices.
We introduce a systematic approach to constructing the I-IDS on reconfigurable Edge hardware.
arXiv Detail & Related papers (2024-04-13T17:24:18Z)
- WebGPU-SPY: Finding Fingerprints in the Sandbox through GPU Cache Attacks [0.7400926717561453]
We present a new attack vector for microarchitectural attacks in web browsers.
We develop a cache side channel attack on the compute stack of the GPU that spies on victim activities.
We demonstrate that GPU-based cache attacks can achieve a precision of 90 for website fingerprinting of 100 top websites.
arXiv Detail & Related papers (2024-01-09T04:21:43Z)
- FusionAI: Decentralized Training and Deploying LLMs with Massive Consumer-Level GPUs [57.12856172329322]
We envision a decentralized system unlocking the potential of vast untapped consumer-level GPUs.
This system faces critical challenges, including limited CPU and GPU memory, low network bandwidth, and the variability of peer and device heterogeneity.
arXiv Detail & Related papers (2023-09-03T13:27:56Z)
- Graph Mining for Cybersecurity: A Survey [61.505995908021525]
The explosive growth of cyber attacks nowadays, such as malware, spam, and intrusions, has caused severe consequences for society.
Traditional Machine Learning (ML) based methods are extensively used in detecting cyber threats, but they hardly model the correlations between real-world cyber entities.
With the proliferation of graph mining techniques, many researchers have investigated these techniques for capturing correlations between cyber entities and achieving high performance.
arXiv Detail & Related papers (2023-04-02T08:43:03Z)
- The Architectural Implications of Distributed Reinforcement Learning on CPU-GPU Systems [45.479582612113205]
We show how to improve the performance and power efficiency of RL training on CPU-GPU systems.
We quantify the overall hardware utilization on a state-of-the-art distributed RL training framework.
We also introduce a new system design metric, CPU/GPU ratio, and show how to find the optimal balance between CPU and GPU resources.
arXiv Detail & Related papers (2020-12-08T04:50:05Z)
- Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance.
We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems.
We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z)