Skip to Main content Skip to Navigation
Conference papers

GPU Powered Malware

Daniel Reynaud 1 
1 CARTE - Theoretical adverse computations, and safety
Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : There is an increasing interest in Graphics Processing Units for general-purpose programming, due to their processing power and massively parallel design. Therefore, most consumer graphics hardware are now fully programmable using either Nvidia's CUDA toolkit or AMD/ATI Stream SDK. This presentation will give an analysis of how the GPU can be used by malware as an anti-reverse engineering platform, with examples using the CUDA technology. With CUDA, the GPU is fully programmable in C, but the resulting device program can't be debugged because Nvidia's GPUs do not support this feature natively. As a result, a malware analyst has to use static analysis against the device code in order to understand the malware. But this task is harder with GPU code than with traditional binaries since the source of a CUDA program is compiled to undocumented microcode (and therefore unsupported by standard disassemblers such as IDA Pro). Finally, this presentation will also assess the technical feasability of an unpacker written fully in device code.
Document type :
Conference papers
Complete list of metadata
Contributor : Daniel Reynaud Connect in order to contact the contributor
Submitted on : Tuesday, October 21, 2008 - 10:51:15 AM
Last modification on : Saturday, June 25, 2022 - 7:45:43 PM


  • HAL Id : inria-00332539, version 1



Daniel Reynaud. GPU Powered Malware. Ruxcon, Nov 2008, Sydney, Australia. ⟨inria-00332539⟩



Record views