Nvidia chips hacked, fall victim to Rowhammer bit-flip attacks; here’s how to secure the AI GPUs
According to researchers, despite in -drama defenses such as attacks, Trr, it promotes bit turnings in all drama banks tested using the CUDA code at the user level. This bit Flips allows a malicious GPU user to install data on the GPU in shared, time -sliced environments. In the concept proof, we use these lice firms to tamper with a victim to the DNN models of a victim, and we reduce the model accuracy from 80% to 0.1% by using a single bit flip.
Rowhammer allows the attackers to quickly and repeatedly access the row of memory cells to change their memory data or degenerate. This repeated hammer of the selected lines causes lice companies in adjacent rows, converts to those with digital zeros or vice versa. So far, Rowhammer attacks have been shown only in memory chips used in CPUs for general purpose information processing.
NVIDIA SECURITY WARNING
Reacting to the new research, Nvidia issued a security statement stating that the correction was simple. Users must activate the ECC or an error correction code at the system level. This simple setting creates a backup at bit, so if one is turned upside down, the system can automatically correct anything before going wrong.
NVIDIA suggests that you use NVIDIA professional and data center products (consumer class graphic equipment) (instead of consumer graphic equipment) (instead of consumer class graphic equipment) and activate ECC to prevent Rowhammer -style attacks.
When evaluating the risk, it is important to think if the GPU installation is the only tenant or a tenant. A Rowhammer attack between the tenants can only be carried out if they reach GPU at the same time.
