Hot Pixels: Frequency, Power, and Temperature Attacks on GPUs and ARM SoCs

05/22/2023
by   Hritvik Taneja, et al.
0

The drive to create thinner, lighter, and more energy efficient devices has resulted in modern SoCs being forced to balance a delicate tradeoff between power consumption, heat dissipation, and execution speed (i.e., frequency). While beneficial, these DVFS mechanisms have also resulted in software-visible hybrid side-channels, which use software to probe analog properties of computing devices. Such hybrid attacks are an emerging threat that can bypass countermeasures for traditional microarchitectural side-channel attacks. Given the rise in popularity of both Arm SoCs and GPUs, in this paper we investigate the susceptibility of these devices to information leakage via power, temperature and frequency, as measured via internal sensors. We demonstrate that the sensor data observed correlates with both instructions executed and data processed, allowing us to mount software-visible hybrid side-channel attacks on these devices. To demonstrate the real-world impact of this issue, we present JavaScript-based pixel stealing and history sniffing attacks on Chrome and Safari, with all side channel countermeasures enabled. Finally, we also show website fingerprinting attacks, without any elevated privileges.

READ FULL TEXT

page 12

page 13

research
06/28/2023

The Power of Telemetry: Uncovering Software-Based Side-Channel Attacks on Apple M1/M2 Systems

Power analysis is a class of side-channel attacks, where power consumpti...
research
08/19/2022

An Optimal Energy Efficient Design of Artificial Noise for Preventing Power Leakage based Side-Channel Attacks

Side-channel attacks (SCAs), which infer secret information (for example...
research
07/09/2019

Application Inference using Machine Learning based Side Channel Analysis

The proliferation of ubiquitous computing requires energy-efficient as w...
research
07/14/2020

Speculative Leakage in ARM Cortex-A53

The recent Spectre attacks have demonstrated that modern microarchitectu...
research
06/27/2022

DF-SCA: Dynamic Frequency Side Channel Attacks are Practical

The arm race between hardware security engineers and side-channel resear...
research
01/21/2019

SoK: Taxonomy and Challenges of Out-of-Band Signal Injection Attacks and Defenses

Research on how hardware imperfections impact security has primarily foc...
research
05/11/2023

Assault and Battery: Evaluating the Security of Power Conversion Systems Against Electromagnetic Injection Attacks

Many modern devices, including critical infrastructures, depend on the r...

Please sign up or login with your details

Forgot password? Click here to reset