Remote Scheduler Contention Attacks Article Swipe

PDF

Related Concepts

Computer science Computer security

Stefan Gast , Jonas Juffinger , Lukas Maar , Christoph Royer , Andreas Kogler , Daniel Gruss ·

YOU? · · 2024 · Open Access · · DOI: https://doi.org/10.48550/arxiv.2404.07042 · OA: W4394737140

In this paper, we investigate unexplored aspects of scheduler contention: We systematically study the leakage of all scheduler queues on AMD Zen 3 and show that all queues leak. We mount the first scheduler contention attacks on Zen 4, with a novel measurement method evoking an out-of-order race condition, more precise than the state of the art. We demonstrate the first inter-keystroke timing attacks based on scheduler contention, with an F1 score of $\geq$ 99.5 % and a standard deviation below 4 ms from the ground truth. Our end-to-end JavaScript attack transmits across Firefox instances, bypassing cross-origin policies and site isolation, with 891.9 bit/s (Zen 3) and 940.7 bit/s (Zen 4).