Strategies for protecting intellectual property when using CUDA applications on graphics processing units

Recent advances in the massively parallel computational abilities of graphical processing units (GPUs) have increased their use for general purpose computation, as companies look to take advantage of big data processing techniques. This has given rise to the potential for malicious software targeting GPUs, which is of interest to forensic investigators examining the operation of software. The ability to carry out reverse-engineering of software is of great importance within the security and forensics elds, particularly when investigating malicious software or carrying out forensic analysis following a successful security breach. Due to the complexity of the Nvidia CUDA (Compute Uni ed Device Architecture) framework, it is not clear how best to approach the reverse engineering of a piece of CUDA software. We carry out a review of the di erent binary output formats which may be encountered from the CUDA compiler, and their implications on reverse engineering. We then demonstrate the process of carrying out disassembly of an example CUDA application, to establish the various techniques available to forensic investigators carrying out black-box disassembly and reverse engineering of CUDA binaries. We show that the Nvidia compiler, using default settings, leaks useful information. Finally, we demonstrate techniques to better protect intellectual property in CUDA algorithm implementations from reverse engineering

An integrated development environment for the SecreC programming language

Sharemind on raamistik, mis võimaldab teha privaatsust säilitavaid arvutusi. Sharemind koosneb kolmest andmekaevandaja rakendusest ja juhtimisteegist. Andmekaevandajad, moodustades Sharemindi virtuaalmasina, teevad olemasolevate andmete peal privaatseid arvutusi. Juhtimisteegi abil saavad teised rakendused andmekaevandajate tööd kontrollida ning nende andmebaasidesse uusi andmeid sisestada. Sharemindi raamistikule on loodud kaks programmeerimiskeelt: Sharemindi assemblerkeel ja SecreC keel. Sharemindi assemblerkeel on madala taseme keel, mida käivitatakse otse Sharemindi virtuaalmasinas. Kuigi ta lubab teha privaatsust säilitavaid arvutusi teostavaid rakendusi, on rakenduste tegmise protsess keeruline, sest madala taseme keeles programmeerimine on aeganõudev ning vigadele avatud. Selleks, et arendajad ei peaks assemblerkeeles programmeerima, loodi SecreC keel. SecreC on C-keele laadne programmeerimiskeel, mis võimaldab luua andmekaevandusalgoritme Sharemindi raamistiku rakendustele. SecreC kompileeritakse Sharemindi assemblerkeeleks, mis seejärel käivitatakse virtuaalmasinas. Klientrakendused kasutavad juhtimisteeki andmekaevandaja rakendustega suhtlemiseks. Praegune Sharemindi klientrakenduste loomise protsess koosneb kasutajaliidese loomisest ja andmekaeve algoritmide realiseerimisest. Kasutajaliideses peab olema võimalus andmeid lisada, esitada päringuid olemasolevate andmete peal arvutuste tegemiseks ja arvutustulemusi kuvada. Järgnevalt tuleb luua andmekaevandusalgoritmid, mis realiseeritakse SecreC keeles. Loodud algoritme tuleb testida ning kontrollida, et lekkivaid andmeid ei oleks. Kuigi Sharemindi raamistik garanteerib andmete privaatsuse instruktsiooni tasemel, võivad lekked siiski esineda algoritmi tasemel. Käesoleva töö eesmärgiks on lihtsustada rakendustele algormitmide realiseerimise protsessi SecreC programmeerimiskeeles. Meie panususena on loodud integreeritud arenduskeskkond, mis toetab programmeerijat, pakkudes talle mitmeid tööriistu, mis peaksid lihtsustama programmeerimist nii SecreC keeles kui ka Sharemindi assemblerkeeles. Samuti on arenduskeskonnas liides SecreC kompileerimiseks assemblerkeeleks, kasutades Sharemindi raamistiku SerceC kompilaatorit. Juhtimisteek lubab virtuaalmasinas assemblerkeelt käivitada ning siluda. Silumise töörežiimis saab uurida virtuaalmasina pinu ja registreid. Arenduskeskond on programmeeritud C++ keeles ning kasutab Qt raamistiku suure osa funktsioonide realiseerimiseks. Qt raamistik pakub laialdast funktsionaalsust ning on platvormist sõltumatu. Samuti on kasutatud QScintilla teeki keskse koodiredaktori loomiseks. QScintilla on Qt raamistikule kohandatud versioon Scintilla teegist, mis on laialdaselt tuntud lähtekoodi redaktori teek.The goal of the bachelor’s thesis is to design and develop an Integrated Development Environment (IDE) for a privacy-preserving framework called Sharemind. More precisely, the IDE will have to enable the developer to comfortably write and debug programs written in the languages designed for Sharemind which are the assembly language of the system and the SecreC language. Sharemind is a data processing system capable of performing computations on input data without compromising its privacy. The system is based on solid cryptographic foundations – secret sharing is used to preserve the privacy of the data during storage and secure multi-party computation allows the data to be securely processed. SecreC is a C-like programming language designed for developing privacy-preserving algorithms. Currently, the SecreC compiler generates assembly code that then can be run in the Sharemind virtual machine. It has been shown to be practical for a variety of data mining tasks. The aim of this thesis is to simplify the development of privacy-preserving software using the Sharemind framework. When Sharemind is easier to develop for, it may find more use in real-world applications and will lead us to information systems with significantly better privacy guarantees. The IDE will have all the basic functionality like project management, code highlighting and code-completion which have become standard features in modern code development environments. Debugging will be an essential part of the system and its functionality will be supported for the assembly language. The tool will be written in C++. The libraries that will be used are Qt for its wide range of functionality, Sharemind controller library which will be the central part for debugging and QScintilla (which is a Qt port for a component called Scintilla) for code editing

GPERF : a perfect hash function generator

gperf is a widely available perfect hash function generator written in C++. It automates a common system software operation: keyword recognition. gperf translates an n element user-specified keyword list keyfile into source code containing a k element lookup table and a pair of functions, phash and in_word_set. phash uniquely maps keywords in keyfile onto the range 0 .. k - 1, where k >/= n. If k = n, then phash is considered a minimal perfect hash function. in_word_set uses phash to determine whether a particular string of characters str occurs in the keyfile, using at most one string comparison.This paper describes the user-interface, options, features, algorithm design and implementation strategies incorporated in gperf. It also presents the results from an empirical comparison between gperf-generated recognizers and other popular techniques for reserved word lookup

CRAY mini manual. Revision D

This document briefly describes the use of the CRAY supercomputers that are an integral part of the Supercomputing Network Subsystem of the Central Scientific Computing Complex at LaRC. Features of the CRAY supercomputers are covered, including: FORTRAN, C, PASCAL, architectures of the CRAY-2 and CRAY Y-MP, the CRAY UNICOS environment, batch job submittal, debugging, performance analysis, parallel processing, utilities unique to CRAY, and documentation. The document is intended for all CRAY users as a ready reference to frequently asked questions and to more detailed information contained in the vendor manuals. It is appropriate for both the novice and the experienced user

PCG: A prototype incremental compilation facility for the SAGA environment, appendix F

A programming environment supports the activity of developing and maintaining software. New environments provide language-oriented tools such as syntax-directed editors, whose usefulness is enhanced because they embody language-specific knowledge. When syntactic and semantic analysis occur early in the cycle of program production, that is, during editing, the use of a standard compiler is inefficient, for it must re-analyze the program before generating code. Likewise, it is inefficient to recompile an entire file, when the editor can determine that only portions of it need updating. The pcg, or Pascal code generation, facility described here generates code directly from the syntax trees produced by the SAGA syntax directed Pascal editor. By preserving the intermediate code used in the previous compilation, it can limit recompilation to the routines actually modified by editing

CcNav: Understanding Compiler Optimizations in Binary Code

Program developers spend significant time on optimizing and tuning programs. During this iterative process, they apply optimizations, analyze the resulting code, and modify the compilation until they are satisfied. Understanding what the compiler did with the code is crucial to this process but is very time-consuming and labor-intensive. Users need to navigate through thousands of lines of binary code and correlate it to source code concepts to understand the results of the compilation and to identify optimizations. We present a design study in collaboration with program developers and performance analysts. Our collaborators work with various artifacts related to the program such as binary code, source code, control flow graphs, and call graphs. Through interviews, feedback, and pair-analytics sessions, we analyzed their tasks and workflow. Based on this task analysis and through a human-centric design process, we designed a visual analytics system Compilation Navigator (CcNav) to aid exploration of the effects of compiler optimizations on the program. CcNav provides a streamlined workflow and a unified context that integrates disparate artifacts. CcNav supports consistent interactions across all the artifacts making it easy to correlate binary code with source code concepts. CcNav enables users to navigate and filter large binary code to identify and summarize optimizations such as inlining, vectorization, loop unrolling, and code hoisting. We evaluate CcNav through guided sessions and semi-structured interviews. We reflect on our design process, particularly the immersive elements, and on the transferability of design studies through our experience with a previous design study on program analysis.Comment: IEEE VIS VAST 202

A study of Kotlin's: conciseness, safety and interoperability.

In the latest Google I/O, Google’s major conference on the Android world, that took place in May 2019, they stated two huge announcements. The first one is thatthere are already more than 2.5billion active Android devices worldwide. And the second one isthat since the launch of Android in late 2008 the preferred programming language for developing Android application has been Java, but this year, 2019, this changed. Kotlin, a new programminglanguage developed by JetBrains, took its place. Both statements are huge, why would Google change its preferred programming language for Android development when they have that impressive numberof active devices?The goal of this project is to answer that question by evaluatingKotlin.We willfirstdeep dive into its main featureswhich go from writing concise code to revolutionizing asynchronous programming. We will also look at what can we build with Kotlin, which goes from mobile applications to servers or browser applications. The first approach will be theoreticalby researching what problem do Kotlin’s features solveand how to use them. Then,we will move to select the most relevant featuresand we will experimentwith them. In the experiment we will see if what the theory promises is true and at the end of evaluating these features, we willgive some analysis or proposals for improving it.Once we are more familiar with Kotlin we will build an actual Android application fully in Kotlin. The application will connect to a server and look for flights for a given group of people from different departure cities to a single destination. Therefore, we will have the possibility of creating travel groups of people and the possibility to look for flightsfor each of those.Finally, we will take everything into consideration, and we will validate Kotlin’s self-claim of being a concise, safe and interoperable language from both the theoretical and the practical points of view