对DDR4 DRAM单元跨多个锤击设置的脆弱性的新见解

IF 1.7 4区计算机科学 Q3 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

IEEE Embedded Systems Letters Pub Date : 2024-12-05 DOI:10.1109/LES.2024.3449232

Ranyang Zhou;Jacqueline Liu;Nakul Kochar;Sabbir Ahmed;Adnan Siraj Rakin;Shaahin Angizi

{"title":"对DDR4 DRAM单元跨多个锤击设置的脆弱性的新见解","authors":"Ranyang Zhou;Jacqueline Liu;Nakul Kochar;Sabbir Ahmed;Adnan Siraj Rakin;Shaahin Angizi","doi":"10.1109/LES.2024.3449232","DOIUrl":null,"url":null,"abstract":"RowHammer stands out as a prominent example, potentially the pioneering one, showcasing how a failure mechanism at the circuit level can give rise to a significant and pervasive security vulnerability within systems. Prior research has approached RowHammer attacks within a static threat model framework. Nonetheless, it warrants consideration within a more nuanced and dynamic model. This letter presents a low-overhead DRAM RowHammer vulnerability profiling technique, which utilizes innovative test vectors for categorizing memory cells into distinct security levels. The proposed test vectors intentionally weaken the spatial correlation between the aggressors and victim rows before an attack for evaluation, thus aiding designers in mitigating RowHammer vulnerabilities in the mapping phase. While there has been no previous research showcasing the impact of such profiling to our knowledge, our study methodically assesses 128 commercial DDR4 DRAM products. The results uncover the significant variability among chips from different manufacturers in the type and quantity of RowHammer attacks that can be exploited by adversaries.","PeriodicalId":56143,"journal":{"name":"IEEE Embedded Systems Letters","volume":"16 4","pages":"337-340"},"PeriodicalIF":1.7000,"publicationDate":"2024-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Novel Insight Into the Vulnerability of DDR4 DRAM Cells Across Multiple Hammering Settings\",\"authors\":\"Ranyang Zhou;Jacqueline Liu;Nakul Kochar;Sabbir Ahmed;Adnan Siraj Rakin;Shaahin Angizi\",\"doi\":\"10.1109/LES.2024.3449232\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"RowHammer stands out as a prominent example, potentially the pioneering one, showcasing how a failure mechanism at the circuit level can give rise to a significant and pervasive security vulnerability within systems. Prior research has approached RowHammer attacks within a static threat model framework. Nonetheless, it warrants consideration within a more nuanced and dynamic model. This letter presents a low-overhead DRAM RowHammer vulnerability profiling technique, which utilizes innovative test vectors for categorizing memory cells into distinct security levels. The proposed test vectors intentionally weaken the spatial correlation between the aggressors and victim rows before an attack for evaluation, thus aiding designers in mitigating RowHammer vulnerabilities in the mapping phase. While there has been no previous research showcasing the impact of such profiling to our knowledge, our study methodically assesses 128 commercial DDR4 DRAM products. The results uncover the significant variability among chips from different manufacturers in the type and quantity of RowHammer attacks that can be exploited by adversaries.\",\"PeriodicalId\":56143,\"journal\":{\"name\":\"IEEE Embedded Systems Letters\",\"volume\":\"16 4\",\"pages\":\"337-340\"},\"PeriodicalIF\":1.7000,\"publicationDate\":\"2024-12-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Embedded Systems Letters\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10779574/\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Embedded Systems Letters","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10779574/","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

摘要

RowHammer是一个突出的例子，可能是开创性的例子，它展示了电路级别的故障机制如何在系统中引起重大且普遍的安全漏洞。先前的研究已经在静态威胁模型框架内处理了RowHammer攻击。尽管如此，它仍值得在一个更细致和动态的模型中考虑。这封信提出了一种低开销的DRAM RowHammer漏洞分析技术，该技术利用创新的测试向量将内存单元分类为不同的安全级别。所提出的测试向量在攻击评估之前有意削弱攻击者和受害者行之间的空间相关性，从而帮助设计者在映射阶段减轻RowHammer漏洞。虽然据我们所知，之前没有研究显示这种分析的影响，但我们的研究系统地评估了128种商用DDR4 DRAM产品。结果揭示了不同制造商的芯片在可被对手利用的RowHammer攻击的类型和数量方面存在显著差异。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Novel Insight Into the Vulnerability of DDR4 DRAM Cells Across Multiple Hammering Settings

RowHammer stands out as a prominent example, potentially the pioneering one, showcasing how a failure mechanism at the circuit level can give rise to a significant and pervasive security vulnerability within systems. Prior research has approached RowHammer attacks within a static threat model framework. Nonetheless, it warrants consideration within a more nuanced and dynamic model. This letter presents a low-overhead DRAM RowHammer vulnerability profiling technique, which utilizes innovative test vectors for categorizing memory cells into distinct security levels. The proposed test vectors intentionally weaken the spatial correlation between the aggressors and victim rows before an attack for evaluation, thus aiding designers in mitigating RowHammer vulnerabilities in the mapping phase. While there has been no previous research showcasing the impact of such profiling to our knowledge, our study methodically assesses 128 commercial DDR4 DRAM products. The results uncover the significant variability among chips from different manufacturers in the type and quantity of RowHammer attacks that can be exploited by adversaries.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Embedded Systems Letters Engineering-Control and Systems Engineering

CiteScore

3.30

自引率

0.00%

发文量

期刊介绍： The IEEE Embedded Systems Letters (ESL), provides a forum for rapid dissemination of latest technical advances in embedded systems and related areas in embedded software. The emphasis is on models, methods, and tools that ensure secure, correct, efficient and robust design of embedded systems and their applications.