New perception on Rowhammer assaults, together with an analytical mannequin of capacitive-coupling vulnerabilities in DRAMs.


“Rowhammer is a memory-based assault that leverages capacitive-coupling to induce faults in fashionable dynamic random-access reminiscence (DRAM). During the last decade, a big variety of Rowhammer assaults have been introduced to disclose that it’s a extreme safety difficulty able to inflicting privilege escalations, launching distributed denial-of-service (DDoS) assaults, and even runtime assault comparable to management move hijacking. Furthermore, the Rowhammer vulnerability has additionally been recognized and validated in each cloud computing and information middle environments, threatening information safety and privateness at a big scale. Varied options have been proposed to counter Rowhammer assaults however current strategies lack a circuit-level clarification of the capacitive-coupling phenomenon in fashionable DRAMs, the important thing explanation for Rowhammer assaults.

On this paper, we develop an analytical mannequin of capacitive-coupling vulnerabilities in DRAMs. We completely analyze all parameters within the mathematical mannequin contributing to the Rowhammer vulnerability and quantify them by actual DRAM measurements. We validate the mannequin with completely different attributions on a variety of DRAM manufacturers from numerous producers. Via our mannequin we re-evaluate current Rowhammer assaults on each DDR3 and DDR4 reminiscence, together with the just lately developed TRRespass assault. Our evaluation presents a brand new Rowhammer assault perception and can information future analysis on this space.”

Discover the technical paper link here and here (IEEE Xplore). Printed Dec. 2021.

Y. Jiang, H. Zhu, D. Sullivan, X. Guo, X. Zhang and Y. Jin, “Quantifying Rowhammer Vulnerability for DRAM Safety,” 2021 58th ACM/IEEE Design Automation Convention (DAC), 2021, pp. 73-78, doi: 10.1109/DAC18074.2021.9586119.

Source link


Please enter your comment!
Please enter your name here