Litcius/Paper detail

MINT: Securely Mitigating Rowhammer with a Minimalist in-DRAM Tracker

Moinuddin K. Qureshi, Salman Qazi, Aamer Jaleel

202417 citationsDOI

Abstract

This paper investigates secure low-cost in-DRAM trackers for mitigating Rowhammer (RH). In-DRAM solutions have the potential to solve the RH problem within the DRAM chip without relying on other parts of the system. However, in-DRAM mitigation suffers from two key challenges: First, the mitigations are synchronized with refresh, which means that we cannot mitigate at arbitrary times. Second, the SRAM area available for aggressor tracking is limited to only a few bytes. Existing low-cost in-DRAM trackers (such as TRR) have been broken by well-crafted access patterns, whereas, secure counter-based schemes require impractical overheads of hundreds or thousands of entries per bank. The goal of our paper is to develop an ultra-low-cost secure in-DRAM tracker. Our solution is based on a simple observation: If only one row can be mitigated at refresh, we should ideally need to track only one row. We propose a Minimalist In-DRAM Tracker (MINT), which provides secure mitigation with just a single entry. Unlike prior trackers that decide the row to be mitigated based on the past behavior (select based on activation counts) or solely based on the current activation (select with some probability), MINT decides which row in the future will get mitigated. At each refresh, MINT probabilistically decides which activation in the upcoming interval will be selected for mitigation at the next refresh. MINT provides guaranteed protection against classic single and double-sided attacks. We also derive the minimum RH threshold (TRH*) tolerated by MINT across all patterns. MINT has a TRH* of 1482, which can be lowered to 356 with RFM. The TRH* of MINT is lower than a prior counter-based design with 677 entries per bank, and is within 2x of the TRH* of an idealized design that stores one-counter-per-row. We also analyze the impact of refresh postponement on the TRH* of low-cost in-DRAM trackers, and propose an efficient solution to make such trackers compatible with refresh postponement.

Topics & Concepts

DramComputer scienceOperating systemEmbedded systemComputer hardwareAdvanced Malware Detection TechniquesUser Authentication and Security SystemsInternet Traffic Analysis and Secure E-voting