This study addresses the challenge of detecting remote cache-side-channel fingerprinting attacks—such as cryptographic key and user behavior inference—in multi-tenant environments. We propose a hybrid deep learning method that jointly leverages feature extraction and temporal modeling capabilities. Specifically, we design a novel CNN-LSTM multimodal collaborative architecture, the first to enable unified detection across diverse cache-side-channel attack types. To capture cache access temporal characteristics, we introduce a trace-specific feature enhancement strategy incorporating sliding-window preprocessing and trace normalization. Evaluated on real-world cache trace datasets, our model achieves a detection rate of 99.96% and a false positive rate below 0.02%, outperforming five baseline models (MLP, CNN, RNN, LSTM, GRU) by an average of 1.7 percentage points. The approach significantly improves the identification of covert cache-based interactions between co-resident processes.

Cache side channel attacks are a sophisticated and persistent threat that exploit vulnerabilities in modern processors to extract sensitive information. These attacks leverage weaknesses in shared computational resources, particularly the last level cache, to infer patterns in data access and execution flows, often bypassing traditional security defenses. Such attacks are especially dangerous as they can be executed remotely without requiring physical access to the victim's device. This study focuses on a specific class of these threats: fingerprinting attacks, where an adversary monitors and analyzes the behavior of co-located processes via cache side channels. This can potentially reveal confidential information, such as encryption keys or user activity patterns. A comprehensive threat model illustrates how attackers sharing computational resources with target systems exploit these side channels to compromise sensitive data. To mitigate such risks, a hybrid deep learning model is proposed for detecting cache side channel attacks. Its performance is compared with five widely used deep learning models: Multi-Layer Perceptron, Convolutional Neural Network, Simple Recurrent Neural Network, Long Short-Term Memory, and Gated Recurrent Unit. The experimental results demonstrate that the hybrid model achieves a detection rate of up to 99.96%. These findings highlight the limitations of existing models, the need for enhanced defensive mechanisms, and directions for future research to secure sensitive data against evolving side channel threats.