TY - GEN
T1 - Penetrating Machine Learning Servers via Exploiting BMC Vulnerability
AU - Liu, Yashi
AU - Qiu, Kefan
AU - Liu, Lu
AU - Zhang, Quanxin
N1 - Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2024.
PY - 2024
Y1 - 2024
N2 - With the recent significant advancements in machine learning fields, there has been an increasing focus on the data security and availability of servers, which serve as critical hardware infrastructure supporting AI computations. However, most existing security research has primarily focused on upper layers, attempting to defend against attacks from applications and operating system , thereby neglecting research in firmware and lower-level management modules. Nevertheless, these fields are crucial in constructing a comprehensive security chain. To analyze the security of lower-level management modules, this paper introduces a method for privilege escalation through vulnerabilities in the Baseboard Management Controller (BMC) of the server. The BMC is a critical component responsible for managing and monitoring the hardware of the server. This method allows for bypassing the Kernel Address Space Layout Randomization (KASLR) protection of the Linux kernel and implanting a backdoor into the host operating system, thereby gaining root access to the host. Through this method, we can access server memory data or execute malicious programs arbitrarily without physical contact, and reinstalling the system cannot overwrite the modifications made in the BMC. This poses a significant security threat to servers.
AB - With the recent significant advancements in machine learning fields, there has been an increasing focus on the data security and availability of servers, which serve as critical hardware infrastructure supporting AI computations. However, most existing security research has primarily focused on upper layers, attempting to defend against attacks from applications and operating system , thereby neglecting research in firmware and lower-level management modules. Nevertheless, these fields are crucial in constructing a comprehensive security chain. To analyze the security of lower-level management modules, this paper introduces a method for privilege escalation through vulnerabilities in the Baseboard Management Controller (BMC) of the server. The BMC is a critical component responsible for managing and monitoring the hardware of the server. This method allows for bypassing the Kernel Address Space Layout Randomization (KASLR) protection of the Linux kernel and implanting a backdoor into the host operating system, thereby gaining root access to the host. Through this method, we can access server memory data or execute malicious programs arbitrarily without physical contact, and reinstalling the system cannot overwrite the modifications made in the BMC. This poses a significant security threat to servers.
KW - AI Security
KW - BMC
KW - Buffer Overflow
KW - KASLR
UR - http://www.scopus.com/inward/record.url?scp=85192368642&partnerID=8YFLogxK
U2 - 10.1007/978-981-97-2458-1_11
DO - 10.1007/978-981-97-2458-1_11
M3 - Conference contribution
AN - SCOPUS:85192368642
SN - 9789819724574
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 163
EP - 172
BT - Machine Learning for Cyber Security - 5th International Conference, ML4CS 2023, Proceedings
A2 - Kim, Dan Dongseong
A2 - Chen, Chao
PB - Springer Science and Business Media Deutschland GmbH
T2 - 5th International Conference on Machine Learning for Cyber Security, ML4CS 2023
Y2 - 4 December 2023 through 6 December 2023
ER -