Breaking Out of the AI Jail: Using NVIDIA Vulnerabilities to Defeat AI Providers (PDF, 53 pages)
Hillai Ben-Sasson (@hillai), Andres Riancho (@AndresRiancho) #RSAC

About us
- Hillai and Andres, based in Israel and Argentina
- Security Researchers at Wiz
- Specialize in cloud security research

AI vulnerability experience
- AI Services (for end-users): DeepLeak: DeepSeek exposed sensitive info, including chats
- AI Data Sharing: Microsoft data leak: 38TB of data exposed by AI researchers
- AI Infrastructure (servers and libraries): Ollama, Redis
- AI Cloud (AI-as-a-Service): Hugging Face, Replicate, SAP AI Core
- NVIDIA Triton, NVIDIA Container Toolkit

Agenda
01 AI Infrastructure 101
02 NVIDIA Container Toolkit
03 Escaping the Container
04 Case Studies
05 Summary and Takeaways

AI Infrastructure 101
How do I run AI? Training Frameworks, Vector Databases, Inference Servers, GPUs.
GPUs! The one common factor between all AI providers. What interfaces do they expose to developers? What's the potential attack surface? GPUs!

NVIDIA Container Toolkit: what is it, and how we hacked it

NCT 101
- Container runtime library
- Developed by NVIDIA
- Enables Linux containers to access NVIDIA GPUs

NCT 102: interesting mounts
- mount(): Container /etc/hostname, Host /var/lib/etc/hostname
- mount(): Container /usr/lib, /usr/local/cuda/compat/, Host
Bind mounts inside the container.

What's next? Trick NVIDIA Container Toolkit into mounting the host file system inside the container: create a specially crafted docker image.
- Container: ./././././././././ symlink (1)
- mount() (2): /usr/lib, /usr/local/cuda/compat/, Host
Nope!

Fact-checking: Libraries from /compat/lib*.so.* are mo
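The slide above describes the class of problem a container runtime faces when it bind-mounts onto a path inside an image it does not trust: a symlink planted in the image can redirect the mount target. The check below is an added illustration of the mitigation, written for this page and not code from the talk or from NVIDIA's toolkit; the helper names, the constructed sample rootfs and the crafted symlinks are all assumptions for the demo.

```python
import os
import tempfile
from typing import Optional


def mount_target_is_contained(rootfs: str, target: str) -> bool:
    """Return True only if the container path `target` (e.g. /usr/local/cuda/compat),
    after following every symlink the image may contain, still lands inside `rootfs`.
    A runtime that bind-mounts onto `target` without this check writes wherever an
    image-controlled symlink points, including the host's "/"."""
    root = os.path.realpath(rootfs)
    host_path = os.path.realpath(os.path.join(root, target.lstrip("/")))
    return host_path == root or host_path.startswith(root + os.sep)


def build_rootfs(base: str, compat_link: Optional[str]) -> str:
    """Constructed sample image rootfs (hypothetical, for the demo only).
    With compat_link=None, /usr/local/cuda/compat is a real directory;
    otherwise it is a symlink to compat_link, imitating a crafted image."""
    rootfs = os.path.join(base, "rootfs")
    cuda = os.path.join(rootfs, "usr", "local", "cuda")
    os.makedirs(cuda)
    compat = os.path.join(cuda, "compat")
    if compat_link is None:
        os.mkdir(compat)
    else:
        os.symlink(compat_link, compat)
    return rootfs


def check_images() -> dict:
    """Run the containment check against a benign image and two crafted ones."""
    results = {}
    cases = {
        "benign": None,                # real directory: mount stays in rootfs
        "absolute_link_to_root": "/",  # compat -> / (absolute symlink)
        "dotdot_link": "../" * 16,     # compat -> ../../... climbs past rootfs
    }
    for name, link in cases.items():
        with tempfile.TemporaryDirectory() as tmp:
            rootfs = build_rootfs(tmp, link)
            results[name] = mount_target_is_contained(rootfs, "/usr/local/cuda/compat")
    return results


if __name__ == "__main__":
    for name, ok in check_images().items():
        print(f"{name}: {'mount allowed' if ok else 'REFUSED: target escapes rootfs'}")
```

The check resolves symlinks with host semantics on purpose, since that is how the kernel will interpret the mount target; a runtime should refuse (or re-root the resolution inside the rootfs) whenever the resolved path leaves the image.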