GPUs have developed rapidly in the past decade, both in terms of computational power, available memory, and the types of tasks they can perform. The recent introduction of GPU provision by cloud providers presents significant new risks, but little literature exists around the security implications of GPUs within the cloud. Further, malware has been identified which may be able to execute within GPU memory space, thereby bypassing many existing memory scanning tools. The security of GPUs needs to be re-assessed given these recent developments.

As such the project will conduct a review of existing literature and will aim to answer the following questions:

i) Can CUDA-based programs running in cloud virtual machines read data from the GPU memory of the virtual machines which have used the GPU previously? ii) Can a novel technique be developed which uses a GPU to assist malware in evading detection? iii) Is it possible to detect malicious code within GPU memory using existing tools?

This project will be co-supervised by our PwC industry partners Mathew Evans and James Horlock. Given the research-oriented element of this project, upon the completion of this project, another aim (not mandatory), will be to produce a research paper.