A novel GPU based Geo-Location Inference Attack on WebGL framework

IF 3.2 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS High-Confidence Computing Pub Date : 2023-05-27 DOI:10.1016/j.hcc.2023.100135
Weixian Mai, Yinhao Xiao
{"title":"A novel GPU based Geo-Location Inference Attack on WebGL framework","authors":"Weixian Mai,&nbsp;Yinhao Xiao","doi":"10.1016/j.hcc.2023.100135","DOIUrl":null,"url":null,"abstract":"<div><p>In the past few years, graphics processing units (GPUs) have become an indispensable part of modern computer systems, not only for graphics rendering but also for intensive parallel computing. Given that many tasks running on GPUs contain sensitive information, security concerns have been raised, especially about potential GPU information leakage. Previous works have shown such concerns by showing that attackers can use GPU memory allocations or performance counters to measure victim side effects. However, such an attack has a critical drawback that it requires a victim to install desktop applications or mobile apps yielding it uneasy to be deployed in the real world. In this paper, we solve this drawback by proposing a novel GPU-based side-channel Geo-Privacy inference attack on the WebGL framework, namely, GLINT (stands for <strong>G</strong>eo-<strong>L</strong>ocation <strong>In</strong>ference A<strong>t</strong>tack). GLINT merely utilizes a lightweight browser extension to measure the time elapsed to render a sequence of frames on well-known map websites, e.g., Google Maps, or Baidu Maps. The measured stream of time series is then employed to infer geologically privacy-sensitive information, such as a search on a specific location. Upon retrieving the stream, we propose a novel online segmentation algorithm for streaming data to determine the start and end points of privacy-sensitive time series. We then combine the DTW algorithm and KNN algorithm on these series to conclude the final inference on a user’s geo-location privacy.</p><p>We conducted real-world experiments to testify our attack. The experiments show that GeoInfer can correctly infer more than 83% of user searches regardless of the locations and map websites, meaning that our Geo-Privacy inference attack is accurate, practical, and robust. To counter this attack, we implemented a defense strategy based on Differential Privacy to hinder obtaining accurate rendering data. We found that this defense mechanism managed to reduce the average accuracy of the attack model by more than 70%, indicating that the attack was no longer effective. We have fully implemented GLINT and open-sourced it for future follow-up research.</p></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"3 4","pages":"Article 100135"},"PeriodicalIF":3.2000,"publicationDate":"2023-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"High-Confidence Computing","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2667295223000338","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

In the past few years, graphics processing units (GPUs) have become an indispensable part of modern computer systems, not only for graphics rendering but also for intensive parallel computing. Given that many tasks running on GPUs contain sensitive information, security concerns have been raised, especially about potential GPU information leakage. Previous works have shown such concerns by showing that attackers can use GPU memory allocations or performance counters to measure victim side effects. However, such an attack has a critical drawback that it requires a victim to install desktop applications or mobile apps yielding it uneasy to be deployed in the real world. In this paper, we solve this drawback by proposing a novel GPU-based side-channel Geo-Privacy inference attack on the WebGL framework, namely, GLINT (stands for Geo-Location Inference Attack). GLINT merely utilizes a lightweight browser extension to measure the time elapsed to render a sequence of frames on well-known map websites, e.g., Google Maps, or Baidu Maps. The measured stream of time series is then employed to infer geologically privacy-sensitive information, such as a search on a specific location. Upon retrieving the stream, we propose a novel online segmentation algorithm for streaming data to determine the start and end points of privacy-sensitive time series. We then combine the DTW algorithm and KNN algorithm on these series to conclude the final inference on a user’s geo-location privacy.

We conducted real-world experiments to testify our attack. The experiments show that GeoInfer can correctly infer more than 83% of user searches regardless of the locations and map websites, meaning that our Geo-Privacy inference attack is accurate, practical, and robust. To counter this attack, we implemented a defense strategy based on Differential Privacy to hinder obtaining accurate rendering data. We found that this defense mechanism managed to reduce the average accuracy of the attack model by more than 70%, indicating that the attack was no longer effective. We have fully implemented GLINT and open-sourced it for future follow-up research.

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
一种新的基于GPU的WebGL框架地理位置推断攻击
在过去的几年里,图形处理单元(GPU)已经成为现代计算机系统中不可或缺的一部分,不仅用于图形渲染,而且用于密集的并行计算。考虑到GPU上运行的许多任务都包含敏感信息,人们提出了安全问题,尤其是潜在的GPU信息泄露问题。先前的研究表明,攻击者可以使用GPU内存分配或性能计数器来测量受害者的副作用,从而表明了这种担忧。然而,这种攻击有一个关键的缺点,即它需要受害者安装桌面应用程序或移动应用程序,从而使其难以在现实世界中部署。在本文中,我们通过在WebGL框架上提出一种新的基于GPU的侧通道地理隐私推断攻击来解决这一缺陷,即GLINT(代表地理位置推断攻击)。GLINT仅利用轻量级浏览器扩展来测量在知名地图网站(如谷歌地图或百度地图)上渲染一系列帧所花费的时间。然后,测量的时间序列流被用来推断地质上隐私敏感的信息,例如对特定位置的搜索。在检索流时,我们提出了一种新的流数据在线分割算法,以确定隐私敏感时间序列的起点和终点。然后,我们将DTW算法和KNN算法结合在这些序列上,得出关于用户地理位置隐私的最终推断。我们进行了真实世界的实验来证明我们的攻击。实验表明,无论位置和地图网站如何,GeoInfer都可以正确推断83%以上的用户搜索,这意味着我们的地理隐私推断攻击是准确、实用和稳健的。为了应对这种攻击,我们实施了一种基于差分隐私的防御策略,以阻止获得准确的渲染数据。我们发现,这种防御机制使攻击模型的平均准确率降低了70%以上,这表明攻击不再有效。我们已经全面实施了GLINT,并为未来的后续研究开源。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
CiteScore
4.70
自引率
0.00%
发文量
0
期刊最新文献
Identity-based threshold (multi) signature with private accountability for privacy-preserving blockchain Navigating the Digital Twin Network landscape: A survey on architecture, applications, privacy and security Erratum to “An effective digital audio watermarking using a deep convolutional neural network with a search location optimization algorithm for improvement in Robustness and Imperceptibility” [High-Confid. Comput. 3 (2023) 100153] On Building Automation System security SoK: Decentralized Storage Network
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1