The number of micro-architectural attacks increase gradually, which affects the security of the computers, databases, cloud systems and so on. Since it is difficult to patch the leakages for every attack, we introduce a generic dynamic detection tool. To build the detection tool, we collect the data from system-wide performance counters and train the detection model by using unsupervised RNN techniques.

Offline Phase: 

• Choose performance counters
• Collect the benign execution data
• Train the LSTM/GRU model

Online Phase:

• Collect real-time data
• Detect the outliers using trained model

We compare our results with previous techniques in the case of system-wide profiling, and we have the highest F-score with a value of 0.9970.

FortuneTeller shows that decent Deep Learning techniques can improve the detection rate in a noisy environment. We detect existing micro-architectural attacks (Spectre, Meltdown, ZombieLoad, cache attacks and Rowhammer) with a very high accuracy.

Complete work can be read from here.