Accession Number : AD1002654


Title :   The Spy in the Sandbox: Practical Cache Attacks in JavaScript and their Implications


Descriptive Note : Conference Paper


Corporate Author : Columbia University New York City United States


Personal Author(s) : Oren,Yossef ; Kemerlis,Vasileios P ; Sethumadhavan,Simha ; Keromytis,Angelos D


Full Text : http://www.dtic.mil/dtic/tr/fulltext/u2/1002654.pdf


Report Date : 16 Oct 2015


Pagination or Media Count : 13


Abstract : We present a micro-architectural side-channel attack that runs entirely in the browser. In contrast to previous work in this genre, our attack does not require the attacker to install software on the victim's machine; to facilitate the attack, the victim needs only to browse to an untrusted webpage that contains attacker-controlled content. This makes our attack model highly scalable, and extremely relevant and practical to today's Web, as most desktop browsers currently used to access the Internet are affected by such side channel threats. Our attack, which is an extension to the last-level cache attacks of Liu et al. [14], allows a remote adversary to recover information belonging to other processes, users, and even virtual machines running on the same physical host with the victim web browser. We describe the fundamentals behind our attack, and evaluate its performance characteristics. In addition, we show how it can be used to compromise user privacy in a common setting, letting an attacker spy after a victim that uses private browsing. Defending against this side channel is possible, but the required countermeasures can exact an impractical cost on benign uses of the browser.


Descriptors :   web browsers , cryptography , personal computers , social networking services , microarchitecture


Distribution Statement : APPROVED FOR PUBLIC RELEASE