Key Takeaways
- Machine learning can be used to identify activity on your computer from traces recorded in JavaScript that measure CPU instruction throughput over time
-
We found this type of attack exploits signals from system interrupts,
which operating systems use to interact with hardware devices
- When a core processes interrupts, it pauses the execution of an attacker, creating a signal that can be exploited
- Our loop-counting attack can correctly identify one of 100 websites being opened 96.6% of the time in Chrome on Linux
- We identified a randomized timer mitigation that reduces our attack’s accuracy to near chance
Awards
- First Place, Intel Hardware Security Academic Award
- IEEE Micro Top Picks
- MIT Robert M. Fano UROP Award