MicroScope: Enabling Microarchitectural Replay Attacks

A microarchitectural replay attack is a novel class of attack where an adversary can denoise nearly arbitrary microarchitectural side channels in a single run of the victim. The idea is to cause the victim to repeatedly replay by inducing pipeline flushes. In this article, we design, implement, and demonstrate our ideas in a framework, called MicroScope, that causes repeated pipeline flushes by inducing page faults. Our main result shows that MicroScope can denoise the port contention channel of execution units. Specifically, we show how MicroScope can reliably detect the presence or absence of as few as two divide instructions in a single logical run of the victim program. We also discuss the broader implications of microarchitectural replay attacks.