Lurking Eyes: A Method to Detect Side-Channel Attacks on JavaScript and WebAssembly

Abstract

Side-channel attacks are a group of powerful attacks in hardware security that exploit the deficiencies in the implementation of systems. Timing side-channel attacks are one of the main categories that employ the time difference of running an operation in different states. In recent years, many types of timing side-channel analysis are proposed under the name of cache attacks. The limitation of such attacks is the requirement of running a spy program locally on the targeted device. Various studies have tried to overcome this limitation by implementing timing side-channel attacks, specially cache attacks, remotely on JavaScript and WebAssembly. There are some countermeasures proposed by previous works at three levels of hardware, operating system, and software. The main approach in most of previous works is to prevent timing side-channel attacks by disabling the essential features of JavaScript. In this paper, we weight the pros and cons of the previous countermeasures and propose a novel detection-based approach, namely Lurking Eyes. The proposed approach has the least performance reduction in JavaScript and WebAssembly. The evaluation results show that the Lurking Eyes has an accuracy of 0.998, precision of 0.983, and F-measure of 0.983. Considering the evaluation results and fewer limitations compared to previous works, Lurking Eyes method can be introduced as an effective way to counter timing side-channel attacks on JavaScript and WebAssembly.