{"id":"https://openalex.org/W4288057752","doi":"https://doi.org/10.1109/sp46214.2022.9833711","title":"Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution","display_name":"Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution","publication_year":2022,"publication_date":"2022-05-01","ids":{"openalex":"https://openalex.org/W4288057752","doi":"https://doi.org/10.1109/sp46214.2022.9833711"},"language":"en","primary_location":{"id":"doi:10.1109/sp46214.2022.9833711","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833711","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5112724938","display_name":"Ayush Agarwal","orcid":null},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan\u2013Ann Arbor","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Ayush Agarwal","raw_affiliation_strings":["University of Michigan"],"affiliations":[{"raw_affiliation_string":"University of Michigan","institution_ids":["https://openalex.org/I27837315"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085726869","display_name":"Sioli O\u2019Connell","orcid":null},"institutions":[{"id":"https://openalex.org/I5681781","display_name":"University of Adelaide","ror":"https://ror.org/00892tw58","country_code":"AU","type":"education","lineage":["https://openalex.org/I5681781"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Sioli O\u2019Connell","raw_affiliation_strings":["University of Adelaide"],"affiliations":[{"raw_affiliation_string":"University of Adelaide","institution_ids":["https://openalex.org/I5681781"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033736827","display_name":"Jason Z. Kim","orcid":"https://orcid.org/0000-0002-3970-4561"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jason Kim","raw_affiliation_strings":["Georgia Institute of Technology"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5080312141","display_name":"Shaked Yehezkel","orcid":null},"institutions":[{"id":"https://openalex.org/I16391192","display_name":"Tel Aviv University","ror":"https://ror.org/04mhzgx49","country_code":"IL","type":"education","lineage":["https://openalex.org/I16391192"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Shaked Yehezkel","raw_affiliation_strings":["Tel Aviv University"],"affiliations":[{"raw_affiliation_string":"Tel Aviv University","institution_ids":["https://openalex.org/I16391192"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029386182","display_name":"Daniel Genkin","orcid":"https://orcid.org/0000-0003-2720-9288"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Daniel Genkin","raw_affiliation_strings":["Georgia Institute of Technology"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000713291","display_name":"Eyal Ronen","orcid":"https://orcid.org/0000-0002-6013-7426"},"institutions":[{"id":"https://openalex.org/I16391192","display_name":"Tel Aviv University","ror":"https://ror.org/04mhzgx49","country_code":"IL","type":"education","lineage":["https://openalex.org/I16391192"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Eyal Ronen","raw_affiliation_strings":["Tel Aviv University"],"affiliations":[{"raw_affiliation_string":"Tel Aviv University","institution_ids":["https://openalex.org/I16391192"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5056484605","display_name":"Yuval Yarom","orcid":"https://orcid.org/0000-0003-0401-4197"},"institutions":[{"id":"https://openalex.org/I5681781","display_name":"University of Adelaide","ror":"https://ror.org/00892tw58","country_code":"AU","type":"education","lineage":["https://openalex.org/I5681781"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Yuval Yarom","raw_affiliation_strings":["University of Adelaide"],"affiliations":[{"raw_affiliation_string":"University of Adelaide","institution_ids":["https://openalex.org/I5681781"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5112724938"],"corresponding_institution_ids":["https://openalex.org/I27837315"],"apc_list":null,"apc_paid":null,"fwci":1.767,"has_fulltext":false,"cited_by_count":17,"citation_normalized_percentile":{"value":0.86969403,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"699","last_page":"715"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9944000244140625,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9822999835014343,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7893837690353394},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.7285966873168945},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.7208578586578369},{"id":"https://openalex.org/keywords/information-leakage","display_name":"Information leakage","score":0.5965933203697205},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5826698541641235},{"id":"https://openalex.org/keywords/isolation","display_name":"Isolation (microbiology)","score":0.565708339214325},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.5500232577323914},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.5331527590751648},{"id":"https://openalex.org/keywords/information-sensitivity","display_name":"Information sensitivity","score":0.5251756906509399},{"id":"https://openalex.org/keywords/address-space","display_name":"Address space","score":0.4778715670108795},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.425899475812912},{"id":"https://openalex.org/keywords/space","display_name":"Space (punctuation)","score":0.42257094383239746},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2558722496032715}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7893837690353394},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.7285966873168945},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.7208578586578369},{"id":"https://openalex.org/C2779201187","wikidata":"https://www.wikidata.org/wiki/Q2775060","display_name":"Information leakage","level":2,"score":0.5965933203697205},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5826698541641235},{"id":"https://openalex.org/C2775941552","wikidata":"https://www.wikidata.org/wiki/Q25212305","display_name":"Isolation (microbiology)","level":2,"score":0.565708339214325},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.5500232577323914},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.5331527590751648},{"id":"https://openalex.org/C137822555","wikidata":"https://www.wikidata.org/wiki/Q2587068","display_name":"Information sensitivity","level":2,"score":0.5251756906509399},{"id":"https://openalex.org/C144240696","wikidata":"https://www.wikidata.org/wiki/Q367204","display_name":"Address space","level":2,"score":0.4778715670108795},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.425899475812912},{"id":"https://openalex.org/C2778572836","wikidata":"https://www.wikidata.org/wiki/Q380933","display_name":"Space (punctuation)","level":2,"score":0.42257094383239746},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2558722496032715},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C89423630","wikidata":"https://www.wikidata.org/wiki/Q7193","display_name":"Microbiology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/sp46214.2022.9833711","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833711","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5,"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320313176","display_name":"Robert Bosch","ror":"https://ror.org/02venad53"},{"id":"https://openalex.org/F4320322252","display_name":"Israel Science Foundation","ror":"https://ror.org/04sazxf24"},{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"},{"id":"https://openalex.org/F4320338279","display_name":"Air Force Office of Scientific Research","ror":"https://ror.org/011e9bt93"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":78,"referenced_works":["https://openalex.org/W1427174644","https://openalex.org/W1488058190","https://openalex.org/W1555558540","https://openalex.org/W1557855942","https://openalex.org/W1934458198","https://openalex.org/W1964281299","https://openalex.org/W2061354941","https://openalex.org/W2119028650","https://openalex.org/W2146573211","https://openalex.org/W2150620897","https://openalex.org/W2163563130","https://openalex.org/W2492446575","https://openalex.org/W2537031054","https://openalex.org/W2593994116","https://openalex.org/W2604789199","https://openalex.org/W2616901112","https://openalex.org/W2751962962","https://openalex.org/W2775990858","https://openalex.org/W2795222486","https://openalex.org/W2868863044","https://openalex.org/W2883613460","https://openalex.org/W2884163605","https://openalex.org/W2884364581","https://openalex.org/W2888798936","https://openalex.org/W2889508486","https://openalex.org/W2900479912","https://openalex.org/W2912742709","https://openalex.org/W2951328987","https://openalex.org/W2954241526","https://openalex.org/W2963311060","https://openalex.org/W2963757608","https://openalex.org/W2964334034","https://openalex.org/W2976763854","https://openalex.org/W2982848142","https://openalex.org/W3015844015","https://openalex.org/W3015844221","https://openalex.org/W3033227568","https://openalex.org/W3037927977","https://openalex.org/W3038069436","https://openalex.org/W3049152512","https://openalex.org/W3096372727","https://openalex.org/W3104057340","https://openalex.org/W3112409568","https://openalex.org/W3152901657","https://openalex.org/W3157056325","https://openalex.org/W3170537084","https://openalex.org/W3175411890","https://openalex.org/W3195513561","https://openalex.org/W3198158199","https://openalex.org/W3213572793","https://openalex.org/W4254175419","https://openalex.org/W4297740902","https://openalex.org/W6628261430","https://openalex.org/W6629297748","https://openalex.org/W6633448724","https://openalex.org/W6682161550","https://openalex.org/W6684146691","https://openalex.org/W6720892955","https://openalex.org/W6723338749","https://openalex.org/W6734345789","https://openalex.org/W6736329903","https://openalex.org/W6743783450","https://openalex.org/W6753251892","https://openalex.org/W6753443810","https://openalex.org/W6753807672","https://openalex.org/W6753937820","https://openalex.org/W6754306559","https://openalex.org/W6755973694","https://openalex.org/W6756740455","https://openalex.org/W6758414631","https://openalex.org/W6764257909","https://openalex.org/W6770841193","https://openalex.org/W6775502495","https://openalex.org/W6780195873","https://openalex.org/W6791762903","https://openalex.org/W6795103122","https://openalex.org/W6799855602","https://openalex.org/W6801391798"],"related_works":["https://openalex.org/W4288075818","https://openalex.org/W189451467","https://openalex.org/W2077568170","https://openalex.org/W3200138464","https://openalex.org/W2143793665","https://openalex.org/W2005777545","https://openalex.org/W2138926267","https://openalex.org/W3010548582","https://openalex.org/W2891986975","https://openalex.org/W3167747526"],"abstract_inverted_index":{"The":[0,84],"discovery":[1],"of":[2,87,102,105,118,146,164,190,199,228,234],"the":[3,12,56,61,80,100,106,130,147,162,171,186,191,197,225,239,247],"Spectre":[4,90,180,222],"attack":[5,181],"in":[6,79,96,203,230],"2018":[7],"has":[8],"sent":[9],"shockwaves":[10],"through":[11],"computer":[13],"industry,":[14],"affecting":[15],"processor":[16],"vendors,":[17],"OS":[18],"providers,":[19],"programming":[20],"language":[21],"developers,":[22],"and":[23,43,150,205,236,258],"more.":[24],"Because":[25],"web":[26,93],"browsers":[27,94],"execute":[28],"untrusted":[29],"code":[30],"while":[31],"potentially":[32],"accessing":[33],"sensitive":[34,213],"information,":[35,138],"they":[36],"were":[37],"considered":[38],"prime":[39],"targets":[40],"for":[41],"attacks":[42,166],"underwent":[44],"significant":[45],"changes":[46],"to":[47,92,124,142,211],"protect":[48],"users":[49],"from":[50,73,185,215,238],"speculative":[51],"execution":[52],"attacks.":[53],"In":[54,156],"particular,":[55],"Google":[57],"Chrome":[58],"browser":[59],"adopted":[60],"strict":[62,200],"site":[63,201],"isolation":[64,202],"policy":[65],"that":[66,71,89,120,134,161,170,182,208,221,246],"prevents":[67],"leakage":[68,117],"by":[69],"ensuring":[70],"content":[72],"different":[74],"domains":[75],"is":[76,121,139,173],"not":[77,152,168],"shared":[78],"same":[81],"address":[82,148,188],"space.":[83],"perceived":[85],"level":[86],"risk":[88,172],"poses":[91],"stands":[95],"stark":[97],"contrast":[98],"with":[99],"paucity":[101],"published":[103,165],"demonstrations":[104],"attack.":[107],"Before":[108],"mid-March":[109],"2021,":[110],"there":[111],"was":[112],"no":[113],"public":[114],"proof-of-concept":[115,133],"demonstrating":[116,232],"information":[119,214],"otherwise":[122],"inaccessible":[123],"an":[125],"attacker.":[126],"Moreover,":[127],"Google\u2019s":[128],"leaky.page,":[129],"only":[131,143],"current":[132],"can":[135,183],"read":[136,184,212],"such":[137,254],"severely":[140],"restricted":[141],"a":[144,178],"subset":[145],"space":[149,189],"does":[151,167],"perform":[153],"cross-website":[154],"accesses.":[155],"this":[157],"paper,":[158],"we":[159,244],"demonstrate":[160,206],"absence":[163],"indicate":[169],"mitigated.":[174],"We":[175,194,218],"present":[176],"Spook.js,":[177],"JavaScript-based":[179],"entire":[187],"attacking":[192],"webpage.":[193],"further":[195,219],"investigate":[196],"implementation":[198],"Chrome,":[204,231],"limitations":[207],"allow":[209],"Spook.js":[210],"other":[216,251],"webpages.":[217],"show":[220,245],"adversely":[223],"affects":[224,250],"security":[226],"model":[227],"extensions":[229],"leaks":[233],"usernames":[235],"passwords":[237],"LastPass":[240],"password":[241],"manager.":[242],"Finally,":[243],"problem":[248],"also":[249],"Chromium-based":[252],"browsers,":[253],"as":[255],"Microsoft":[256],"Edge":[257],"Brave.":[259]},"counts_by_year":[{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":4}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}