skip to main content
10.1145/3214292.3214299acmotherconferencesArticle/Chapter ViewAbstractPublication PageshaspConference Proceedingsconference-collections
research-article

Rapid detection of rowhammer attacks using dynamic skewed hash tree

Published: 02 June 2018 Publication History

Abstract

RowHammer attacks pose a security threat to DRAM chips by causing bit-flips in sensitive memory regions. We propose a technique that combines a sliding window protocol and a dynamic integrity tree to rapidly detect multiple bit-flips caused by RowHammer attacks. Sliding window protocol monitors the frequent accesses made to the same bank in short intervals to identify the vulnerable rows. Dynamic integrity tree relies on SHA-3 Keccak hash function while maintaining the minimal number of vulnerable rows at any particular time to enable detection of bit flips. We demonstrate the effectiveness of the proposed approach by performing RowHammer attacks using the prime and probe method with a DDR3 DRAM. We show that the dynamic tree structure only needs to maintain a small number of vulnerable rows at a time, thus notably reducing the height of the integrity tree to enable rapid detection of the bit-flips.

References

[1]
Zelalem Birhanu Aweke, Salessawi Ferede Yitbarek, Rui Qiao, Reetuparna Das, Matthew Hicks, Yossi Oren, and Todd Austin. 2016. ANVIL: Software-based protection against next-generation rowhammer attacks. ACM SIGPLAN Notices 51, 4 (2016), 743--755.
[2]
Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche. 2009. Keccak sponge function family main document. Submission to NIST (Round 2) 3, 30 (2009).
[3]
Sarani Bhattacharya and Debdeep Mukhopadhyay. 2016. Curious case of rowhammer: flipping secret exponent bits using timing analysis. In International Conference on Cryptographic Hardware and Embedded Systems. Springer, 602--624.
[4]
Reouven Elbaz, David Champagne, Catherine Gebotys, Ruby B Lee, Nachiketh Potlapally, and Lionel Torres. 2009. Hardware mechanisms for memory authentication: A survey of existing techniques and engines. In Transactions on Computational Science IV. Springer, 1--22.
[5]
Daniel Gruss, Clémentine Maurice, and Stefan Mangard. 2016. Rowhammer. js: A remote software-induced fault attack in javascript. In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer, 300--321.
[6]
Yeongjin Jang, Jaehyuk Lee, Sangho Lee, and Taesoo Kim. 2017. SGX-Bomb: Locking Down the Processor via Rowhammer Attack. (2017).
[7]
Dae-Hyun Kim, Prashant J Nair, and Moinuddin K Qureshi. 2015. Architectural support for mitigating row hammering in DRAM memories. IEEE Computer Architecture Letters 14, 1 (2015), 9--12.
[8]
Yoongu Kim, Ross Daly, Jeremie Kim, Chris Fallin, Ji-Hye Lee, Donghyuk Lee, Chris Wilkerson, Konrad Lai, and Onur Mutlu. 2014. Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors. In ACM/IEEE 41st International Symposium on Computer Architecture, ISCA 2014, Minneapolis, MN,USA, June 14--18, 2014. 361--372.
[9]
Yoongu Kim, Ross Daly, Jeremie Kim, Chris Fallin, Ji Hye Lee, Donghyuk Lee, Chris Wilkerson, Konrad Lai, and Onur Mutlu. 2014. Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors. In ACM SIGARCH Computer Architecture News, Vol. 42. IEEE Press, 361--372.
[10]
Yoongu Kim, Ross Daly, Jeremie Kim, Chris Fallin, Ji Hye Lee, Donghyuk Lee, Chris Wilkerson, Konrad Lai, and Onur Mutlu. 2016. RowHammer: Reliability Analysis and Security Implications. arXiv preprint arXiv:1603.00747 (2016).
[11]
Prashant Nair, Chia-Chen Chou, and Moinuddin K Qureshi. 2013. A case for refresh pausing in DRAM memory systems. In High Performance Computer Architecture (HPCA2013), 2013 IEEE 19th International Symposium on. IEEE, 627--638.
[12]
Peter Pessl, Daniel Gruss, Clémentine Maurice, Michael Schwarz, and Stefan Mangard. 2016. DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks. In 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10--12, 2016., Thorsten Holz and Stefan Savage (Eds.). USENIX Association, 565--581. https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/pessl
[13]
Steven Pigeon and Yoshua Bengio. 1998. A memory-efficient adaptive Huffman coding algorithm for very large sets of symbols. In Data Compression Conference, 1998. DCC'98. Proceedings. IEEE, 568.
[14]
Mark Seaborn and Thomas Dullien. 2015. Exploiting the DRAM rowhammer bug to gain kernel privileges. Black Hat (2015).
[15]
Seyed Mohammad Seyedzadeh, Alex K Jones, and Rami Melhem. 2017. Counter-based tree structure for row hammering mitigation in DRAM. IEEE Computer Architecture Letters 16, 1 (2017), 18--21.
[16]
DDR3 SDRAM Specification. 2010. Jesd79.
[17]
Victor van der Veen, Yanick Fratantonio, Martina Lindorfer, Daniel Gruss, Clémentine Maurice, Giovanni Vigna, Herbert Bos, Kaveh Razavi, and Cristiano Giuffrida. 2016. Drammer: Deterministic Rowhammer Attacks on Mobile Platforms. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, October 24--28, 2016. 1675--1689.

Cited By

View all
  • (2024)Self-Managing DRAM: A Low-Cost Framework for Enabling Autonomous and Efficient DRAM Maintenance Operations2024 57th IEEE/ACM International Symposium on Microarchitecture (MICRO)10.1109/MICRO61859.2024.00074(949-965)Online publication date: 2-Nov-2024
  • (2024)BreakHammer: Enhancing RowHammer Mitigations by Carefully Throttling Suspect Threads2024 57th IEEE/ACM International Symposium on Microarchitecture (MICRO)10.1109/MICRO61859.2024.00072(915-934)Online publication date: 2-Nov-2024
  • (2024)CoMeT: Count-Min-Sketch-based Row Tracking to Mitigate RowHammer at Low Cost2024 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA57654.2024.00050(593-612)Online publication date: 2-Mar-2024
  • Show More Cited By

Index Terms

  1. Rapid detection of rowhammer attacks using dynamic skewed hash tree

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    HASP '18: Proceedings of the 7th International Workshop on Hardware and Architectural Support for Security and Privacy
    June 2018
    84 pages
    ISBN:9781450365000
    DOI:10.1145/3214292
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 02 June 2018

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. bit-flip detection
    2. integrity tree
    3. rowhammer

    Qualifiers

    • Research-article

    Funding Sources

    • Academic Research Fund (AcRF) Tier1, Ministry of Education, Singapore

    Conference

    HASP '18

    Acceptance Rates

    Overall Acceptance Rate 9 of 13 submissions, 69%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)17
    • Downloads (Last 6 weeks)2
    Reflects downloads up to 18 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2024)Self-Managing DRAM: A Low-Cost Framework for Enabling Autonomous and Efficient DRAM Maintenance Operations2024 57th IEEE/ACM International Symposium on Microarchitecture (MICRO)10.1109/MICRO61859.2024.00074(949-965)Online publication date: 2-Nov-2024
    • (2024)BreakHammer: Enhancing RowHammer Mitigations by Carefully Throttling Suspect Threads2024 57th IEEE/ACM International Symposium on Microarchitecture (MICRO)10.1109/MICRO61859.2024.00072(915-934)Online publication date: 2-Nov-2024
    • (2024)CoMeT: Count-Min-Sketch-based Row Tracking to Mitigate RowHammer at Low Cost2024 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA57654.2024.00050(593-612)Online publication date: 2-Mar-2024
    • (2024)Spatial Variation-Aware Read Disturbance Defenses: Experimental Analysis of Real DRAM Chips and Implications on Future Solutions2024 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA57654.2024.00048(560-577)Online publication date: 2-Mar-2024
    • (2024)Read Disturbance in High Bandwidth Memory: A Detailed Experimental Study on HBM2 DRAM Chips2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN58291.2024.00022(75-89)Online publication date: 24-Jun-2024
    • (2022)Electrical-Level Attacks on CPUs, FPGAs, and GPUs: Survey and Implications in the Heterogeneous EraACM Computing Surveys10.1145/349833755:3(1-40)Online publication date: 3-Feb-2022
    • (2022)Securing SoCs With FPGAs Against Rowhammer AttacksIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2021.310200441:7(2052-2065)Online publication date: Jul-2022
    • (2021)A Good Anvil Fears No Hammer: Automated Rowhammer Detection Using Unsupervised Deep LearningApplied Cryptography and Network Security Workshops10.1007/978-3-030-81645-2_5(59-77)Online publication date: 22-Jul-2021
    • (2020)RowHammer: A RetrospectiveIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2019.291531839:8(1555-1571)Online publication date: Aug-2020
    • (2020)Are We Susceptible to Rowhammer? An End-to-End Methodology for Cloud Providers2020 IEEE Symposium on Security and Privacy (SP)10.1109/SP40000.2020.00085(712-728)Online publication date: May-2020
    • Show More Cited By

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media