Title: Enabling secure modern web browsers against cache-based timing attacks

Authors: Sangeetha Ganesan

Addresses: Department of Artificial Intelligence and Data Science, R.M.K College of Engineering and Technology, Tiruvallur District, Tamil Nadu, India

Abstract: Web applications have grown to be the foundation of any kind of system, ranging from cloud services to the internet of things (IoT) systems. As a huge amount of sensitive data is processed in web applications, user privacy shows as the most important concern in web security. In the virtualisation system, cache side channel (CSC) attack techniques have become popular to retrieve the secret information of other users. This paper presents a run-time detection and prevention mechanism, called browser watcher (BW), for time-driven CSC attacks. The computation overhead of the proposed BW java script engine is monitored and tabulated for the different domains. The average cache miss rate is measured from 23% to 89%. Once the BW system identifies the attacker, then it prevents stealing the secret information of the victim. This makes it very hard for the attacker to find the memory access pattern of the victim.

Keywords: cache side channel; CSC attack; timing attack; BW system; cache attack prevention; internet of things; IoT.

DOI: 10.1504/IJSN.2024.137330

International Journal of Security and Networks, 2024 Vol.19 No.1, pp.43 - 54

Received: 11 Sep 2022
Accepted: 14 Jun 2023
Published online: 12 Mar 2024 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article