NIST CSF-2.0 Compliant GPU Shader Execution

Authors

  • Nelson Lungu Electrical and Electronical Engineering, University of Zambia, Lusaka, Zambia
  • Ahmad Abdulqadir Al Rababah Faculty of Computing and Information Technology, King Abdulaziz University, Rabigh, Saudi Arabia
  • Bibhuti Bhusan Dash School of Computer Applications, KIIT Deemed to be University, Bhubaneswar, India
  • Asif Hassan Syed Faculty of Computing and Information Technology, King Abdulaziz University, Rabigh, Saudi Arabia
  • Lalbihari Barik Faculty of Computing and Information Technology, King Abdulaziz University, Rabigh, Saudi Arabia
  • Suchismita Rout School of Computer Engineering, KIIT Deemed to be University, Bhubaneswar, India
  • Simon Tembo Electrical and Electronical Engineering,University of Zambia, Lusaka, Zambia
  • Charles Lubobya Electrical and Electronical Engineering, University of Zambia, Lusaka, Zambia
  • Sudhansu Shekhar Patra School of Computer Applications, KIIT Deemed to be University, Bhubaneswar, India
Volume: 14 | Issue: 4 | Pages: 15187-15193 | August 2024 | https://doi.org/10.48084/etasr.7351

Received: 26 March 2024 | Revised: 11 April 2024, 1 May 2024, and 14 May 2024 | Accepted: 15 May 2024 | Online: 2 August 2024


Corresponding author: Sudhansu Shekhar Patra

Abstract

This article introduces a mechanism for ensuring trusted GPU shader execution that adheres to the NIST Cybersecurity Framework (CSF) 2.0 standard. The CSF is a set of best practices for reducing cybersecurity risks. We focus on the CSF’s identification, protection, detection, and response mechanisms for GPU-specific security. To this end, we exploit recent advancements in side-channel analysis and hardware-assisted security for the real-time and introspective monitoring of shader execution. We prototype our solution and measure its performance across different GPU platforms. The evaluation results demonstrate the effectiveness of the proposed mechanism in detecting anomalous shader behaviors that only incur modest overhead at runtime. Integrating the CSF 2.0 principles into the proposed GPU shader pipeline leads to an organizational recipe for securing heterogeneous computing resources.

Keywords:

GPU security, shader execution attacks/defenses, anomaly detection techniques, NIST CSF mapping, real-time protection mechanisms

Downloads

Download data is not yet available.

References

W. J. Dally, S. W. Keckler, and D. B. Kirk, "Evolution of the Graphics Processing Unit (GPU)," IEEE Micro, vol. 41, no. 6, pp. 42–51, Aug. 2021.

D. G. Mahmoud, V. Lenders, and M. Stojilovic, "Electrical-Level Attacks on CPUs, FPGAs, and GPUs: Survey and Implications in the Heterogeneous Era," ACM Computing Surveys, vol. 55, no. 3, Oct. 2022, Art. no. 58.

W. Zhang, F. Bastani, I.-L. Yen, K. Hulin, F. Bastani, and L. Khan, "Real-Time Anomaly Detection in Streams of Execution Traces," in 14th International Symposium on High-Assurance Systems Engineering, Omaha, NE, USA, Oct. 2012, pp. 32–39.

A. Chen et al., "Detecting covert timing channels with time-deterministic replay," in 11th USENIX conference on Operating Systems Design and Implementation, Berkeley, CA, USA, Oct. 2014, pp. 541–554.

M. Chiappetta, E. Savas, and C. Yilmaz, "Real time detection of cache-based side-channel attacks using hardware performance counters," Applied Soft Computing, vol. 49, pp. 1162–1174, Dec. 2016.

J. Chen, B. Li, Y. Zhang, L. Peng, and J. Peir, "Statistical GPU power analysis using tree-based methods," in International Green Computing Conference and Workshops, Orlando, FL, USA, Jul. 2011, pp. 1–6.

J. C. Lee, T. Kim, E. Park, S. S. Woo, and J. H. Ko, "Continuous Memory Representation for Anomaly Detection." arXiv, Mar. 10, 2024.

"Cybersecurity Framework," NIST, Nov. 2013, [Online]. Available: https://www.nist.gov/cyberframework.

A. Calder, NIST Cybersecurity Framework: A pocket guide. North Sebastopol, CA, USA: IT Governance Publishing, 2018.

S. B. Dutta, H. Naghibijouybari, A. Gupta, N. Abu-Ghazaleh, A. Marquez, and K. Barker, "Spy in the GPU-box: Covert and Side Channel Attacks on Multi-GPU Systems," in 50th Annual International Symposium on Computer Architecture, Orlando, FL, USA, Jun. 2023, pp. 1–13.

Z. Wang and R. B. Lee, "A novel cache architecture with enhanced performance and security," in 41st IEEE/ACM International Symposium on Microarchitecture, Como, Italy, Nov. 2008, pp. 83–93.

H. Naghibijouybari, A. Neupane, Z. Qian, and N. Abu-Ghazaleh, "Beyond the CPU: Side–Channel Attacks on GPUs," IEEE Design & Test, vol. 38, no. 3, pp. 15–21, Jun. 2021.

E. Karimi, Z. H. Jiang, Y. Fei, and D. Kaeli, "A Timing Side-Channel Attack on a Mobile GPU," in 36th International Conference on Computer Design, Orlando, FL, USA, Oct. 2018, pp. 67–74.

R. Rohan, B. Papasratorn, W. Chutimaskul, J. Hautamäki, S. Funilkul, and D. Pal, "Enhancing Cybersecurity Resilience: A Comprehensive Analysis of Human Factors and Security Practices Aligned with the NIST Cybersecurity Framework," in 13th International Conference on Advances in Information Technology, Bangkok, Thailand, Dec. 2023, pp. 1–16.

NIST, NIST Cybersecurity Framework 2.0: Resource & Overview Guide. Gaithersburg, MD, USA: National Institute of Standards and Technology, 2024.

D. A. Rockenbach et al., "Stream Processing on Multi-cores with GPUs: Parallel Programming Models’ Challenges," in International Parallel and Distributed Processing Symposium Workshops, Rio de Janeiro, Brazil, Dec. 2019, pp. 834–841.

M. Kenzel, B. Kerbl, D. Schmalstieg, and M. Steinberger, "A high-performance software graphics pipeline architecture for the GPU," ACM Transactions on Graphics, vol. 37, no. 4, Apr. 2018, Art. no. 140.

N. Belleville, D. Courousse, K. Heydemann, and H.-P. Charles, "Automated Software Protection for the Masses Against Side-Channel Attacks," ACM Transactions on Architecture and Code Optimization, vol. 15, no. 4, Aug. 2018, Art. no. 47.

N. Lungu, S. Tembo, N. Walubita, and S. S. Patra, "Mitigating GPU Side-Channels via Integrated Monitoring and Response," in International Conference on Integrated Circuits and Communication Systems, Raichur, India, Feb. 2024, pp. 1–8.

A. Danalis et al., "The Scalable Heterogeneous Computing (SHOC) benchmark suite," in 3rd Workshop on General-Purpose Computation on Graphics Processing Units, Pittsburgh, PA, USA, Mar. 2010, pp. 63–74.

S. Lee, H. Seo, H. Kwon, and H. Yoon, "Hybrid approach of parallel implementation on CPU–GPU for high-speed ECDSA verification," The Journal of Supercomputing, vol. 75, no. 8, pp. 4329–4349, Aug. 2019.

Downloads

How to Cite

[1]
N. Lungu, “NIST CSF-2.0 Compliant GPU Shader Execution”, Eng. Technol. Appl. Sci. Res., vol. 14, no. 4, pp. 15187–15193, Aug. 2024.

Metrics

Abstract Views: 51
PDF Downloads: 101

Metrics Information

License

Copyright (c) 2024 Nelson Lungu, Ahmad Abdulqadir Al Rababah, Bibhuti Bhusan Dash, Asif Hassan Syed, Lalbihari Barik, Suchismita Rout, Simon Tembo, Charles Lubobya, Sudhansu Shekhar Patra

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors who publish with this journal agree to the following terms:

- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.

Crossref
Scopus
Google Scholar
Europe PMC