Hodong Kim and Gyeongsup Lim, Korea University; Seunghee Shin, State University of New York at Binghamton; Youngjoo Shin and Junbeom Hur, Korea University
Modern GPUs support resource sharing among concurrent applications, introducing the risk of side-channel attacks. While prior research has explored GPU side channels that exploit shared GPU resources, the security implications of time-sliced scheduling, a standard feature for resource sharing in today's GPUs, remain largely unexplored concerning side-channel attacks. In this study, we analyze timing variations caused by concurrent execution under the GPU's time-sliced scheduling mechanism. We begin by identifying the upper bound of a time slice and then leverage this bound to estimate the duration of a concurrent program's time slice, ultimately enabling us to infer the program's overall GPU utilization patterns.
Building on this finding, we introduce TIMESLICE-SANDWICH, a novel GPU side-channel attack that leverages variations in time-slice duration to infer and distinguish victim execution patterns. Unlike prior GPU side-channel attacks, TIMESLICE-SANDWICH does not require contention on specific shared resources. In our experiments, TIMESLICE-SANDWICH achieves an F1 score of 94.40% in neural network recovery attack; and a Top-1 accuracy of 92.84% in website fingerprinting attack on Google Chrome, both on average, demonstrating its effectiveness. Even in the presence of noise, our attack achieves an average F1 score of 73.74% for neural network recovery. Finally, we discuss potential mitigations to address side-channel risks arising from time-slice patterns in modern GPU resource-sharing architectures.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
