FlipStress: Noise Injection Defenses Against CPU-Cache-Based Web Attacks
摘要
Side-channel attacks via the CPU-cache can leak sensitive information about web browsing users. Two prominent forms of such attacks are targeted deanonymization, which reveals a user’s identity, and website fingerprinting, which exposes which websites a user visits. In this paper, we present FlipStress, a defense that mitigates these attacks by injecting artificial noise to obfuscate the cache patterns and render the side-channel information ineffective. FlipStress is designed to withstand strong attacks that leverage machine learning models to interpret the cache readings. Towards this goal, we start by developing several stressor programs that create artificial noise by performing continuous read or write operations on cache-sized data structures. We then consider progressively stronger attackers who incorporate increasingly more information about the defense mechanism into their machine learning pipeline. Conversely, we enhance gradually the defense strategy and converge on FlipStress, which injects artificial noise by switching a randomly picked stressor at regular time intervals. We implement FlipStress in JavaScript as a browser extension meant for selective activation when users visit high-risk or sensitive websites where protection against cache-based attacks is critical. FlipStress reduces targeted deanonymization accuracy to 57.5% (base rate 50%) and website fingerprinting accuracy to 6.3% (base rate 1%), with tunable performance overhead between 31%-226%.