Data Privacy, Security, and Confidentiality Thrust
Cybersecurity and privacy are an ever-increasing concern. The annual cost of cybercrime is expected to increase to $14 dollars by the year 2028. The Data Privacy, Security, and Confidentiality Thrust under AMAIS is an endeavor to address the cyber threats that could arise when multiple users share hardware resources. More specifically, we are focusing on memory-related cyber threats that will persist even in disaggregated systems like CXL. Memories span a broad spectrum, ranging from small on-chip caches to main memories like DRAM, non-conventional memories like resistive RAM, and modern 3D stacked memories used in accelerators like Graphics Processing Units (GPUs). We will investigate memories in all possible forms. This thrust will also investigate indirect data leakage related to memory, e.g. hardware performance counters disclosing memory-related information from another user. The thrust will also propose mitigation strategies arising from the explored attacks. CXL will lead to increased sharing of memory resources, which in turn will lead to novel hardware-related vulnerabilities. In such a computing framework, this thrust aims to provide a secure computing environment for every user.
Approach
Cyber-attacks can be conducted fully through software or using hardware. Some hardware attacks require physical access to the device. We are investigating attacks that can be conducted on hardware from the software level. They can be conducted remotely from the user level without any privileged access to the system. These remote hardware attacks are known as covert and side channel attacks. In covert channel attacks, two malicious users communicate covertly with each other, exchanging secret messages that cannot be communicated otherwise. In side channel attacks, a malicious user extracts secret information from a benign user that shares the same computing resources. In both cases the attackers leverage the hardware resource contention that arises from sharing the resource. Collectively, these kinds of attacks are known as microarchitectural attacks. These attacks are difficult to identify and defend against, and defenses often require hardware modifications that impact the performance of the system.
With memory being an integral part of the AMAIS project, we are investigating memory-related vulnerabilities at different levels. We have investigated attacks at the cache level within accelerators (e.g. GPU) that are shared among multiple GPUs. Our research also encompassed non-conventional in-memory computing devices like Resistive RAMs (RRAMs) and demonstrated how the device's functional irregularities can create a natural defense against attacks on AI inference models. DPS also investigated attacks that leverage the sharing of performance counters across multiple GPUs. When a process spans multiple GPUs, an attacker can take advantage of performance counters to extract information from another user. Currently we are in the process of learning about data corruption attacks, like row-hammer attacks, that could exist in the RAM of accelerators like GPUs. Through this thrust, we have investigated different aspects of memory-related hardware attacks and are in the process of exploring more as we progress.
Publications
Dutta S.B., H. Naghibijouybari, N.B. Abu-Ghazaleh, A. Marquez, and K.J. Barker. 2021. "Leaky Buddies: Cross-Component Covert Channels on Integrated CPU-GPU Systems." In ACM/IEEE 48th Annual International Symposium on Computer Architecture (ISCA 2021), June 14-18, 2021, Valencia, Spain, 972-984. Piscataway, New Jersey: IEEE. PNNL-SA-166435. doi:10.1109/ISCA52012.2021.00080
Dutta S., H. Naghibijouybari, A. Gupta, N. Abu-Ghazaleh, A. Marquez, and K.J. Barker. 2023. "Spy in the GPU-box: Covert and Side Channel Attacks on Multi-GPU System." In Proceedings of the 50th Annual International Symposium on Computer Architecture (ISCA '23), June 17-21, 2023, Orlando, FL, 1-13, Art. No. 45. New York, New York: Association for Computing Machinery. PNNL-SA-184963. doi:10.1145/3579371.3589080
Dutta S.B., A. Marquez, Y. Zhang, N. Abu-Ghazaleh, and K.J. Barker. 2024. "Beyond the Bridge: Contention-Based Covert and Side Channel Attacks on Multi-GPU Interconnect." In International Symposium on Secure and Private Execution Environment Design (SEED). PNNL-SA-194843.
Islam M., S.B. Dutta, A. Marquez, I. Alouani, and K.N. Khasawneh. 2024. "Harnessing ML Privacy by Design Through Crossbar Array Non-idealities." In Design, Automation and Test in Europe Conference (DATE 2024), March 25-27, 2024, Valencia, Spain, 1-2. Piscataway, New Jersey: IEEE. PNNL-SA-194845.