exploring_tlb

The primary focus of modern Central Processing Unit (CPU) technologies is performanceimprovement, with security often considered a secondary concern. As a result, vulnerabilities within thesystem are overlooked. While significant research, both offensive and defensive, has been conducted on CPUcaches, relatively little attention has been given to the Translation Lookaside Buffer (TLB) due to its lack ofdata granularity. Studies have often discounted the TLB, affirming that other microarchitectural componentsare more effective at leaking information. This study challenges that assumption by leveraging HardwarePerformance Counters (HPCs) to collect data from the TLB for task classification. In this methodology, anattacker uses HPCs to collect TLB-based data while a victim executes tasks. Statistical learning modelstrained on the collected data, specifically Random Forest (RF) and Logistic Regression (LR), achieveda classification accuracy of 87%, which surpasses the next best approach to TLB-based classification by11%. Additionally, neural networks, including Artificial Neural Networks (ANNs) and Convolution NeuralNetworks (CNNs), were analyzed and achieved an accuracy of 88%, exceeding the next best approach by12%. These findings demonstrate the potential of TLB-based methodologies for task classification, victimmonitoring, and future security enhancements in microarchitectural design.