Litcius/Paper detail

Quantifying Rowhammer Vulnerability for DRAM Security

Yichen Jiang, Huifeng Zhu, Dean Sullivan, Xiaolong Guo, Xuan Zhang, Yier Jin

202117 citationsDOI

Abstract

Rowhammer is a memory-based attack that leverages capacitive-coupling to induce faults in modern dynamic random-access memory (DRAM). Over the last decade, a significant number of Rowhammer attacks have been presented to reveal that it is a severe security issue capable of causing privilege escalations, launching distributed denial-of-service (DDoS) attacks, and even runtime attack such as control flow hijacking. Moreover, the Rowhammer vulnerability has also been identified and validated in both cloud computing and data center environments, threatening data security and privacy at a large scale. Various solutions have been proposed to counter Rowhammer attacks but existing methods lack a circuit-level explanation of the capacitive-coupling phenomenon in modern DRAMs, the key cause of Rowhammer attacks.In this paper, we develop an analytical model of capacitive-coupling vulnerabilities in DRAMs. We thoroughly analyze all parameters in the mathematical model contributing to the Rowhammer vulnerability and quantify them through real DRAM measurements. We validate the model with different attributions on a wide range of DRAM brands from various manufacturers. Through our model we re-evaluate existing Rowhammer attacks on both DDR3 and DDR4 memory, including the recently developed TRRespass attack. Our analysis presents a new Rowhammer attack insight and will guide future research in this area.

Topics & Concepts

DramDenial-of-service attackVulnerability (computing)Computer securityDynamic random-access memoryEngineeringComputer scienceElectrical engineeringComputer hardwareOperating systemSemiconductor memoryThe InternetSecurity and Verification in ComputingPhysical Unclonable Functions (PUFs) and Hardware SecurityCloud Data Security Solutions
Quantifying Rowhammer Vulnerability for DRAM Security | Litcius