Modern computers rely on USB and HDMI ports for connecting external peripherals and display devices. Despite their built-in security measures, these ports remain susceptible to passive power-based side-channel attacks. This paper presents a new class of attacks that exploit power consumption patterns at these ports to infer GPU activities. We develop a custom device that plugs into these ports and demonstrate that its high-resolution power measurements can drive successful inferences about GPU processes, such as neural network computations and video rendering. The ubiquitous presence of USB and HDMI ports allows for discreet placement of the device, and its non-interference with data channels ensures that no security alerts are triggered. Our findings underscore the need to reevaluate and strengthen the current generation of HDMI and USB port security defenses.
翻译:现代计算机依赖USB与HDMI端口连接外部设备与显示装置。尽管这些端口内置了安全防护机制,但仍易受基于功耗的被动侧信道攻击。本文提出一类新型攻击方法,通过分析这些端口的功耗模式来推断GPU活动状态。我们开发了一种可接入此类端口的定制设备,并证明其高精度功耗测量能够成功推断GPU处理过程,例如神经网络计算与视频渲染任务。USB与HDMI端口的普遍存在性使得该设备可被隐蔽部署,且其不干扰数据通道的特性确保了不会触发安全警报。我们的研究结果强调,当前亟需重新评估并加强现有HDMI与USB端口的安全防护体系。