The Use of Performance-Countersto Perform Side-Channel Attacks.

Performance and power counters were invented to allow optimizing applications, but they can also be used to expose private information about the system and the user that uses it; thus, they have the potential to become a major privacy threat. This work shows that performance traces, achieved with performance counters, are sufficient for three efficient privacy attacks on a computer. The first attack allows the identification of webpages the user uses with a high success rate of up to 100%. This attack may expose private information about the user, like political views and affiliations. The second attack allows browser version identification. Browsers are updated regularly to protect against known cyber-attacks. An attacker can use this information to choose the best attack method to achieve successful cyber-attacks. The attack is unique since it is the first study to demonstrate the detection of the browser version using a side-channel attack. The third attack allows the recovery of structural elements of Neural Networks, like the number of layers and activation functions being used. This information may assist in preparing adversarial examples against the Neural Network or in creating a similar copy of the Neural Network. To evaluate these attacks, we collected performance traces using Intel Power Gadget software-based performance counter tool. We collect traces of power consumption, utilization percentage, and clock frequency of the Intel CPU and its internal parts like DRAM memory and GPU.