Penetrating Machine Learning Servers via Exploiting BMC Vulnerability

Penetrating Machine Learning Servers via Exploiting BMC Vulnerability

연구 분야: Analysis

학회: International Conference on Machine Learning for Cyber Security

With the recent significant advancements in machine learning fields, there has been an increasing focus on the data security and availability of servers, which serve as critical hardware infrastructure supporting AI computations. However, most existing security research has primarily focused on upper layers, attempting to defend against attacks from applications and operating system , thereby neglecting research in firmware and lower-level management modules. Nevertheless, these fields are crucial in constructing a comprehensive security chain. To analyze the security of lower-level management modules, this paper introduces a method for privilege escalation through vulnerabilities in the Baseboard Management Controller (BMC) of the server. The BMC is a critical component responsible for managing and monitoring the hardware of the server. This method allows for bypassing the Kernel Address Space Layout Randomization (KASLR) protection of the Linux kernel and implanting a backdoor into the host operating system, thereby gaining root access to the host. Through this method, we can access server memory data or execute malicious programs arbitrarily without physical contact, and reinstalling the system cannot overwrite the modifications made in the BMC. This poses a significant security threat to servers.