Watcher of the Spies

Web applications increasingly underpin other technologies and systems not least cloud computing services and the Internet of Things networks, smart infrastructure, and much more. Safeguarding user privacy on various systems and networks that use web applications has emerged as a critical concern among computer security experts.

Among the many threats they have to address and defeat are so-called cache side-channel attacks within virtualization systems as these are gaining prominence and being exploited widely by malicious and criminal third parties. Commonly, such attacks will allow the third party to steal a cryptographic key from a user and thus gain access to any data protected by that key.

Writing in the International Journal of Security and Networks, Sangeetha Ganesan of the Department of Artificial Intelligence and Data Science at the R.M.K College of Engineering and Technology in Tamil Nadu, India, explains how the almost ubiquitous web development programming language JavaScript enables access to various APIs and sensors. It is the prevalence of this language, however, that leads to privacy concerns where vulnerabilities are found and exploited by malicious third-parties. For instance, cache side-channel attacks exploit shared cache memory to allow a third party to illicitly access private, personal or otherwise sensitive information held within the cache from various users on the system by exploiting vulnerabilities in Javascript.

Unlike more conventional threats, cache side-channel attacks work by detecting the subtle differences in access times between cached and uncached values to allow the third party to extract information. Some of the malware available to such third parties is very fast and effective and so countermeasures are urgently needed to protect vulnerable systems from abuse.

To address this growing problem, Ganesan has developed the Browser Watcher system. This security solution can defend against time-based cache side-channel attacks. It works by prioritising the security of the putative victim’s secret keys. When it detects an ongoing attack, the system promptly flushes the Last Level Cache, which effectively thwarts any attempt to steal data from the cache. This proactive approach might lead to a temporary drop in computing performance, but that is a price worth paying for securing one’s data when under attack.

Ganesan, S. (2024) ‘Enabling secure modern web browsers against cache-based timing attacks’, Int. J. Security and Networks, Vol. 19, No. 1, pp.43–54.