From GIS CS4

Welcome back to the final 3 weeks of CS4 Programming.



Wednesday (Lab)

Technology Friday

If Computer Languages Were Vehicles...


SSD Storage - Ignorance of Technology is No Excuse

GPU Malware

"Jellyfish" GPU-infected Malware, proof-of-concept

  • GPU-based rootkit and keylogger offer superior stealth and computing power
  • New Linux rootkit leverages graphics cards for stealth
  • https://github.com/x0r1/jellyfish
  • GitHub: Jellyfish is a Linux-based userland GPU rootkit proof-of-concept project utilizing the LD_PRELOAD technique from Jynx (CPU), as well as the OpenCL API developed by Khronos Group (GPU). Code currently supports AMD and NVIDIA graphics cards. However, the AMDAPPSDK does support Intel as well.
  • Advantages of GPU-stored malware:
    • No GPU malware analysis tools available on web
    • Can snoop on CPU host memory via DMA
      • Note: Normally, inter-process isolation means that only the kernel can see all of the system's memory. Hardware virtual memory paging gives each process its own address space. It's difficult to get into the kernel. But now a user-land process can load code into the GPU... which then has access to the whole machine.
    • GPU can be used for fast/swift mathematical calculations like xor'ing or parsing
    • Malicious memory may be retained across warm reboots.
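
Since no GPU-side analysis tools exist, a defender can look for the host-side traits listed above: a library injected through LD_PRELOAD and an OpenCL runtime mapped into the same process. The following triage script is an added example, not code from the Jellyfish project or from this course; the sample paths and the `review` flag are constructed for illustration.

```python
import os

def preload_entries(environ_bytes):
    """Libraries named by LD_PRELOAD in a raw /proc/<pid>/environ blob."""
    for var in environ_bytes.split(b"\0"):
        if var.startswith(b"LD_PRELOAD="):
            value = var[len(b"LD_PRELOAD="):].decode(errors="replace")
            # ld.so accepts colons or spaces between entries
            return value.replace(":", " ").split()
    return []

def mapped_libs(maps_text):
    """Shared-object paths mapped into a process, from /proc/<pid>/maps."""
    libs = set()
    for line in maps_text.splitlines():
        fields = line.split(None, 5)  # addr perms offset dev inode path
        if len(fields) == 6 and ".so" in fields[5]:
            libs.add(fields[5].replace(" (deleted)", "").strip())
    return libs

def assess(environ_bytes, maps_text):
    """Report preloaded libraries and whether an OpenCL runtime is mapped."""
    preloads = preload_entries(environ_bytes)
    opencl = sorted(l for l in mapped_libs(maps_text)
                    if os.path.basename(l).startswith("libOpenCL"))
    # Both together is a lead worth reviewing, not proof of infection
    return {"preload": preloads, "opencl": opencl,
            "review": bool(preloads) and bool(opencl)}

def scan_proc(root="/proc"):
    """Assess every readable process on a live Linux host."""
    hits = {}
    for pid in filter(str.isdigit, os.listdir(root)):
        try:
            with open(f"{root}/{pid}/environ", "rb") as f:
                env = f.read()
            with open(f"{root}/{pid}/maps") as f:
                maps = f.read()
        except OSError:  # process exited or we lack permission
            continue
        result = assess(env, maps)
        if result["preload"] or result["opencl"]:
            hits[int(pid)] = result
    return hits

# Constructed sample data, not taken from a real infection
SAMPLE_ENV = b"PATH=/usr/bin\0LD_PRELOAD=/tmp/example_hook.so\0HOME=/root\0"
SAMPLE_MAPS = ("7f1c2a000000-7f1c2a021000 r-xp 00000000 08:01 131 /usr/lib/libOpenCL.so.1\n"
               "7f1c2b000000-7f1c2b004000 r-xp 00000000 08:01 977 /tmp/example_hook.so\n")
```

Run `scan_proc()` as root on a Linux host to cover all processes, and also inspect `/etc/ld.so.preload`, which preloads libraries system-wide without setting any environment variable. A process can rewrite its own environment after start, so the `maps` view is the more reliable of the two.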

Protecting Your Computer

Protect Windows

See Securing Windows

Protect Mac OSX

See Securing Mac OSX

Protect Web Browser

See Web Browser