{"title":"一种新的基于GPU的WebGL框架地理位置推断攻击","authors":"Weixian Mai, Yinhao Xiao","doi":"10.1016/j.hcc.2023.100135","DOIUrl":null,"url":null,"abstract":"<div><p>In the past few years, graphics processing units (GPUs) have become an indispensable part of modern computer systems, not only for graphics rendering but also for intensive parallel computing. Given that many tasks running on GPUs contain sensitive information, security concerns have been raised, especially about potential GPU information leakage. Previous works have shown such concerns by showing that attackers can use GPU memory allocations or performance counters to measure victim side effects. However, such an attack has a critical drawback that it requires a victim to install desktop applications or mobile apps yielding it uneasy to be deployed in the real world. In this paper, we solve this drawback by proposing a novel GPU-based side-channel Geo-Privacy inference attack on the WebGL framework, namely, GLINT (stands for <strong>G</strong>eo-<strong>L</strong>ocation <strong>In</strong>ference A<strong>t</strong>tack). GLINT merely utilizes a lightweight browser extension to measure the time elapsed to render a sequence of frames on well-known map websites, e.g., Google Maps, or Baidu Maps. The measured stream of time series is then employed to infer geologically privacy-sensitive information, such as a search on a specific location. Upon retrieving the stream, we propose a novel online segmentation algorithm for streaming data to determine the start and end points of privacy-sensitive time series. We then combine the DTW algorithm and KNN algorithm on these series to conclude the final inference on a user’s geo-location privacy.</p><p>We conducted real-world experiments to testify our attack. The experiments show that GeoInfer can correctly infer more than 83% of user searches regardless of the locations and map websites, meaning that our Geo-Privacy inference attack is accurate, practical, and robust. To counter this attack, we implemented a defense strategy based on Differential Privacy to hinder obtaining accurate rendering data. We found that this defense mechanism managed to reduce the average accuracy of the attack model by more than 70%, indicating that the attack was no longer effective. We have fully implemented GLINT and open-sourced it for future follow-up research.</p></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"3 4","pages":"Article 100135"},"PeriodicalIF":3.2000,"publicationDate":"2023-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A novel GPU based Geo-Location Inference Attack on WebGL framework\",\"authors\":\"Weixian Mai, Yinhao Xiao\",\"doi\":\"10.1016/j.hcc.2023.100135\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>In the past few years, graphics processing units (GPUs) have become an indispensable part of modern computer systems, not only for graphics rendering but also for intensive parallel computing. Given that many tasks running on GPUs contain sensitive information, security concerns have been raised, especially about potential GPU information leakage. Previous works have shown such concerns by showing that attackers can use GPU memory allocations or performance counters to measure victim side effects. However, such an attack has a critical drawback that it requires a victim to install desktop applications or mobile apps yielding it uneasy to be deployed in the real world. In this paper, we solve this drawback by proposing a novel GPU-based side-channel Geo-Privacy inference attack on the WebGL framework, namely, GLINT (stands for <strong>G</strong>eo-<strong>L</strong>ocation <strong>In</strong>ference A<strong>t</strong>tack). GLINT merely utilizes a lightweight browser extension to measure the time elapsed to render a sequence of frames on well-known map websites, e.g., Google Maps, or Baidu Maps. The measured stream of time series is then employed to infer geologically privacy-sensitive information, such as a search on a specific location. Upon retrieving the stream, we propose a novel online segmentation algorithm for streaming data to determine the start and end points of privacy-sensitive time series. We then combine the DTW algorithm and KNN algorithm on these series to conclude the final inference on a user’s geo-location privacy.</p><p>We conducted real-world experiments to testify our attack. The experiments show that GeoInfer can correctly infer more than 83% of user searches regardless of the locations and map websites, meaning that our Geo-Privacy inference attack is accurate, practical, and robust. To counter this attack, we implemented a defense strategy based on Differential Privacy to hinder obtaining accurate rendering data. We found that this defense mechanism managed to reduce the average accuracy of the attack model by more than 70%, indicating that the attack was no longer effective. We have fully implemented GLINT and open-sourced it for future follow-up research.</p></div>\",\"PeriodicalId\":100605,\"journal\":{\"name\":\"High-Confidence Computing\",\"volume\":\"3 4\",\"pages\":\"Article 100135\"},\"PeriodicalIF\":3.2000,\"publicationDate\":\"2023-05-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"High-Confidence Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2667295223000338\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"High-Confidence Computing","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2667295223000338","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
A novel GPU based Geo-Location Inference Attack on WebGL framework
In the past few years, graphics processing units (GPUs) have become an indispensable part of modern computer systems, not only for graphics rendering but also for intensive parallel computing. Given that many tasks running on GPUs contain sensitive information, security concerns have been raised, especially about potential GPU information leakage. Previous works have shown such concerns by showing that attackers can use GPU memory allocations or performance counters to measure victim side effects. However, such an attack has a critical drawback that it requires a victim to install desktop applications or mobile apps yielding it uneasy to be deployed in the real world. In this paper, we solve this drawback by proposing a novel GPU-based side-channel Geo-Privacy inference attack on the WebGL framework, namely, GLINT (stands for Geo-Location Inference Attack). GLINT merely utilizes a lightweight browser extension to measure the time elapsed to render a sequence of frames on well-known map websites, e.g., Google Maps, or Baidu Maps. The measured stream of time series is then employed to infer geologically privacy-sensitive information, such as a search on a specific location. Upon retrieving the stream, we propose a novel online segmentation algorithm for streaming data to determine the start and end points of privacy-sensitive time series. We then combine the DTW algorithm and KNN algorithm on these series to conclude the final inference on a user’s geo-location privacy.
We conducted real-world experiments to testify our attack. The experiments show that GeoInfer can correctly infer more than 83% of user searches regardless of the locations and map websites, meaning that our Geo-Privacy inference attack is accurate, practical, and robust. To counter this attack, we implemented a defense strategy based on Differential Privacy to hinder obtaining accurate rendering data. We found that this defense mechanism managed to reduce the average accuracy of the attack model by more than 70%, indicating that the attack was no longer effective. We have fully implemented GLINT and open-sourced it for future follow-up research.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
