TY - GEN
T1 - The spy in the sandbox
T2 - 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015
AU - Oren, Yossef
AU - Kemerlis, Vasileios P.
AU - Sethumadhavan, Simha
AU - Keromytis, Angelos D.
N1 - Funding Information:
We are grateful to Yinqian Zhang, our shepherd, and the anonymous reviewers for their valuable comments. We also thank Kiril Tsemekhman and Jason Shaw for providing interesting directions regarding this research. This work was supported by the Office of Naval Research (ONR) through Contract N00014-12-1-0166. Any opinions, findings, conclusions, or recommendations expressed herein are those of the authors, and do not necessarily reflect those of the US Government or ONR.
PY - 2015/10/12
Y1 - 2015/10/12
N2 - We present a micro-architectural side-channel attack that runs entirely in the browser. In contrast to previous work in this genre, our attack does not require the attacker to install software on the victim's machine; to facilitate the attack, the victim needs only to browse to an untrusted webpage that contains attacker-controlled content. This makes our attack model highly scalable, and extremely relevant and practical to today'sWeb, as most desktop browsers currently used to access the Internet are affected by such side channel threats. Our attack, which is an extension to the last-level cache attacks of Liu et al. [14], allows a remote adversary to recover information belonging to other processes, users, and even virtual machines running on the same physical host with the victim web browser. We describe the fundamentals behind our attack, and evaluate its performance characteristics. In addition, we show how it can be used to compromise user privacy in a common setting, letting an attacker spy after a victim that uses private browsing. Defending against this side channel is possible, but the required countermeasures can exact an impractical cost on benign uses of the browser.
AB - We present a micro-architectural side-channel attack that runs entirely in the browser. In contrast to previous work in this genre, our attack does not require the attacker to install software on the victim's machine; to facilitate the attack, the victim needs only to browse to an untrusted webpage that contains attacker-controlled content. This makes our attack model highly scalable, and extremely relevant and practical to today'sWeb, as most desktop browsers currently used to access the Internet are affected by such side channel threats. Our attack, which is an extension to the last-level cache attacks of Liu et al. [14], allows a remote adversary to recover information belonging to other processes, users, and even virtual machines running on the same physical host with the victim web browser. We describe the fundamentals behind our attack, and evaluate its performance characteristics. In addition, we show how it can be used to compromise user privacy in a common setting, letting an attacker spy after a victim that uses private browsing. Defending against this side channel is possible, but the required countermeasures can exact an impractical cost on benign uses of the browser.
KW - Cache-timing attacks
KW - Covert channel
KW - JavaScript-based cache attacks
KW - Side-channel attacks
KW - User tracking
UR - http://www.scopus.com/inward/record.url?scp=84954143957&partnerID=8YFLogxK
U2 - 10.1145/2810103.2813708
DO - 10.1145/2810103.2813708
M3 - Conference contribution
AN - SCOPUS:84954143957
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 1406
EP - 1418
BT - CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
PB - Association for Computing Machinery
Y2 - 12 October 2015 through 16 October 2015
ER -