
Twitter thread: https://twitter.com/jackcook36/status/1534920169369309184

Paper: https://jackcook.github.io/bigger-fish/paper.pdf

GitHub: https://github.com/jackcook/bigger-fish

We found that machine learning can be used to identify activity on your computer from traces recorded in JavaScript that measure CPU instruction throughput over time. Please let me know if you have any feedback or questions! Really happy to discuss our work.



I guess these traces should depend on the user's network (location/latency/throughput/tor-enabled) and CPU. Did you use these as additional features for your model? Or was it a single configuration being tested?


Yeah we tested with only a couple configurations for the paper, and the model only took traces themselves as the input, no additional features.

In an earlier version of this project, I sent my code to 30 of my friends (all with different locations, networks, OS, etc) and had them collect a bunch of traces, and we found that the models lose a little accuracy when predicting traces on other machines, but not too much (maybe low 90s to low 80s, can be worse depending on the machines). We decided to focus more on the system interrupts/side channel analysis for this paper but we think that would be great follow-up work.


Could this be mitigated by disabling/suspending js in background tabs?


Yeah, disabling or suspending JS in background tabs would definitely kill this version of the attack. However, our attack also isn't limited to JavaScript -- many of our experiments in the paper are implemented with a Python attacker. It can be implemented in basically any programming language and embedded in any application on your machine.



