Golden G. Richard III - University of New Orleans
Oct 22, 2014
Download: MP4 Video
Watch in your Browser
Watch on YouTube
"Memory Analysis, Meet GPU Malware"
Graphics Processing Units (GPUs) have evolved from very specialized,
idiosyncratic hardware intended to execute specialized graphics workloads
to semi-autonomous "supercomputers" that can be programmed easily using
common programming languages and powerful, portable APIs. GPUs also form
the basis for an emerging threat, GPU malware, which offloads important
aspects of malicious computations onto the GPU. The benefits of executing
malicious computations on the GPU include abundant compute power, a large
amount of semi-non-volatile memory, and perhaps most importantly, isolation
from host-based security measures. While memory analysis offers powerful
tools to detect and analyze traditional host-based malware, there are
essentially no equivalent tools for analyzing GPU malware. Furthermore,
existing general-purpose tools for debugging GPU applications are
completely ineffective if a large number of conditions are not established
before a GPU application is executed, all of which will certainly be
violated by weaponized GPU malware. This talk explores GPU malware in
detail, identifies why it's hard to analyze, and also discusses measures
that can easily employed to make analysis even more difficult. A primary
motivation for this research is the 2015 DFRWS Digital Forensics Challenge,
under development by Dr. Richard, the aim of which is to increase interest
in GPU malware analysis and foster the development of powerful tools to
analyze and combat this threat.
About the Speaker
Golden G. Richard III is Professor of Computer Science, University Research
Professor and Director of the Greater New Orleans Center for Information
Assurance (GNOCIA) at the University of New Orleans. Prof. Richard
received his Ph.D. in Computer Science from The Ohio State University in
1995 and has 35 years of experience in computer systems and computer
security. He is a Fellow of the American Academy of Forensic Sciences, a
member of the United States Secret Service Cybercrime Task Force, and
Chairman of the Board of Directors for DFRWS, a conference devoted to
digital forensics research. His research interests mirror his teaching
interests: digital forensics, reverse engineering, offensive computing,
operating systems internals, and malware analysis. In private practice, Dr.
Richard owns Arcane Alloy, LLC, and to further his agenda of absolutely no
time for sleep, Golden is also a professional music photographer--you can
check out his work at HighISOMusic.com.
Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M.
STEW G52 (Suite 050B), West Lafayette Campus. More information...