I'm looking forward to presenting my paper, "Continuous User Behavior Monitoring using DNS Cache Timing Attacks" at NDSS next week!
We mount an Evict+Reload-style attack on the local DNS cache, detecting recently accessed domains and evicting to continuously monitor new accesses.

Our attack works from native code, even across virtual machines and containers.
We also run the attack in the browser from a malicious website, using JavaScript or even scriptless HTML+CSS.
Most underlying primitives are OS-agnostic!

Read the paper here: https://hannesweissteiner.com/publications/dmt/

Thanks to Roland Czerny, @silent_bits, @notbobbytables , Johanna Ullrich and @lavados for the amazing collaboration!