Chrome Zero is a Google Chrome extension to protect users from microarchitectural and side-channel attacks.
Chrome Zero is a proof of concept implementation that defends against these attacks. It installs as a Chrome extension and protects functions, properties, and objects that can be exploited to construct attacks. The basic idea is very simple, functions are wrapped with replacement versions that allow injection of a policy. This idea of wrapping functions (and properties with accessor properties, and certain objects with proxy objects) goes by the fancy name of virtual machine layering.
Chrome Zero has a minimum performance impact:
Experts said that despite the extension’s intrusive behavior, tests showed a minimum performance impact of only 1.54% on resource usage, and an indiscernible page loading latency ranging from 0.01064s and 0.08908s —depending on the number of protection policies active at runtime.
The extension may be very well able to thwart even future and unknown Chrome zero-days as well, mainly because of its habit of rewriting dangerous functions to safer versions.
Most Popular Training Courses at Indian Cyber Security Solutions:
Cybersecurity services that can protect your company: