Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.11851/8309
Title: A deeper look into RowHammer's sensitivities: Experimental analysis of real DRAM chips and implications on future attacks and defenses
Authors: Orosa, L.
Yağlıkçı, A. Giray
Luo, H.
Olgun, Ataberk
Park, J.
Hassan, H.
Patel, M.
Keywords: Characterization
DRAM
Memory
Reliability
RowHammer
Safety
Security
Temperature
Testing
Network security
Reliability analysis
Safety testing
Bit-flips
Cell-size
Characterization
Circuit levels
DRAM cells
DRAM chips
Experimental analysis
Fundamental properties
Rowhammer
Security
Dynamic random access storage
Publisher: IEEE Computer Society
Abstract: RowHammer is a circuit-level DRAM vulnerability where repeatedly accessing (i.e., hammering) a DRAM row can cause bit flips in physically nearby rows. The RowHammer vulnerability worsens as DRAM cell size and cell-to-cell spacing shrink. Recent studies demonstrate that modern DRAM chips, including chips previously marketed as RowHammer-safe, are even more vulnerable to RowHammer than older chips such that the required hammer count to cause a bit flip has reduced by more than 10X in the last decade. Therefore, it is essential to develop a better understanding and in-depth insights into the RowHammer vulnerability of modern DRAM chips to more effectively secure current and future systems. Our goal in this paper is to provide insights into fundamental properties of the RowHammer vulnerability that are not yet rigorously studied by prior works, but can potentially be i) exploited to develop more effective RowHammer attacks or ii) leveraged to design more effective and efficient defense mechanisms. To this end, we present an experimental characterization using 248 DDR4 and 24 DDR3 modern DRAM chips from four major DRAM manufacturers demonstrating how the RowHammer effects vary with three fundamental properties: 1) DRAM chip temperature, 2) aggressor row active time, and 3) victim DRAM cell fs physical location. Among our 16 new observations, we highlight that a RowHammer bit flip 1) is very likely to occur in a bounded range, specific to each DRAM cell (e.g., 5.4% of the vulnerable DRAM cells exhibit errors in the range 70 .C to 90 .C), 2) is more likely to occur if the aggressor row is active for longer time (e.g., RowHammer vulnerability increases by 36% if we keep a DRAM row active for 15 column accesses), and 3) is more likely to occur in certain physical regions of the DRAM module under attack (e.g., 5% of the rows are 2x more vulnerable than the remaining 95% of the rows). Our study has important practical implications on future RowHammer attacks and defenses. We describe and analyze the implications of our new findings by proposing three future RowHammer attack and five future RowHammer defense improvements. © 2021 Association for Computing Machinery.
Description: ARM;et al.;Huawei;IBM;Intel;Microsoft
54th Annual IEEE/ACM International Symposium on Microarchitecture, MICRO 2021 -- 18 October 2021 through 22 October 2021 -- 172825
URI: https://doi.org/10.1145/3466752.3480069
https://hdl.handle.net/20.500.11851/8309
ISBN: 9781450385572
ISSN: 1072-4451
Appears in Collections:Bilgisayar Mühendisliği Bölümü / Department of Computer Engineering
Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection

Show full item record



CORE Recommender

SCOPUSTM   
Citations

2
checked on Nov 9, 2024

Page view(s)

108
checked on Nov 11, 2024

Google ScholarTM

Check




Altmetric


Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.