S0100Significant

GPU 計算平台側通道攻擊

Design & Development

Risk Description

GPU hardware platforms used for AI training and inference present side-channel security risks. Attackers can infer sensitive data or model architectures of other tenants through shared GPU timing analysis, power consumption monitoring, or memory access pattern analysis. In cloud GPU sharing environments, such attacks allow stealing confidential information without direct access to target systems.

Framework Mappings

iso 23894R2
tw principle資安與安全
tw principle隱私保護與數據治理
tw risk type技術設計缺陷(Technical Design Flaw)

Controls English translation pending

  • GPU 隔離
  • 側通道防護

Implementation Steps English translation pending

  1. 對高敏感工作負載使用專用 GPU 實例,避免多租戶共享
  2. 實施 GPU 記憶體清除策略,確保任務切換時不殘留數據
  3. 評估雲端 GPU 供應商的側通道防護措施
  4. 對模型訓練的時序和存取模式進行隨機化處理