A Coordinated GPU Overdrive Fault Attack on Neural Networks
TimeWednesday, December 8th6:00pm - 7:00pm PST
LocationLevel 2 - Lobby
Event Type
Networking Reception
Work-in-Progress Poster
Virtual Programs
Presented In-Person
DescriptionGraphics processing units (GPUs) are commonly used to accelerate training and inference of convolutional neural networks (CNNs). Modern GPUs can be shared by multiple users to execute workloads concurrently. However, the reliability and security of shared GPU computing have not been carefully evaluated. In this paper, we design a coordinated overdrive fault attack on GPUs. An adversary kernel utilizes the shared GPU caches to detect the presence of a victim kernel to trigger fault injections in time. We thoroughly characterize the fault injections and propagation in a victim CNN. We successfully launched an end-to-end misclassification attack during CNN inference.