Microarchitectural attacks on CPU structures have been studied in native applications, as well as in web browsers. These attacks continue to be a substantial threat to computing systems at all scales. With the proliferation of heterogeneous systems and integration of hardware accelerators in every computing system, modern web browsers provide the support of GPU-based acceleration for the graphics and rendering processes. Emerging web standards also support the GPU acceleration of general-purpose computation within web browsers. In this paper, we present a new attack vector for microarchitectural attacks in web browsers. We use emerging GPU accelerating APIs in modern browsers (specifically WebGPU) to launch a GPU-based cache side channel attack on the compute stack of the GPU that spies on victim activities on the graphics (rendering) stack of the GPU. Unlike prior works that rely on JavaScript APIs or software interfaces to build timing primitives, we build the timer using GPU hardware resources and develop a cache side channel attack on Intel's integrated GPUs. We leverage the GPU's inherent parallelism at different levels to develop high-resolution parallel attacks. We demonstrate that GPU-based cache attacks can achieve a precision of 90 for website fingerprinting of 100 top websites. We also discuss potential countermeasures against the proposed attack to secure the systems at a critical time when these web standards are being developed and before they are widely deployed.

翻译：针对CPU架构的微架构攻击已在原生应用及网页浏览器中被广泛研究。这类攻击持续对各类计算系统构成重大威胁。随着异构系统的普及及硬件加速器在各类计算系统中的集成，现代网页浏览器已支持基于GPU的图形渲染加速。新兴网络标准亦支持在浏览器内进行通用计算的GPU加速。本文提出了一种针对网页浏览器微架构攻击的新型攻击向量。我们利用现代浏览器中新兴的GPU加速接口（尤其是WebGPU），对GPU计算堆栈发起基于缓存的侧信道攻击，以窥探目标在GPU图形渲染堆栈中的活动。与以往依赖JavaScript API或软件接口构建计时基元的方案不同，我们利用GPU硬件资源构建计时器，并对英特尔集成GPU开发了缓存侧信道攻击。我们利用GPU在不同层面的固有并行性，开发出高分辨率并行攻击。实验表明，基于GPU的缓存攻击对100个热门网站可达到90%的网站指纹识别准确率。我们还讨论了针对该攻击的潜在防御措施，以在相关网络标准正被制定且尚未广泛部署的关键时期保障系统安全。