Cache Line Pinning for Mitigating Row Hammer Attack
Pages 802 - 811
Abstract
RowHammer attack is a serious security threat to DRAM-based memory that causes bit flips in nearby rows when a DRAM row is accessed frequently. Many mitigation strategies are proposed against the RowHammer attack, and a few of the mitigation strategies are adopted and implemented by the hardware vendors. But even the latest generations of DRAM-based memory with in-DRAM mitigation are found vulnerable to the RowHammer attack.
We propose Cache Line Pinning (CLP) as a mitigation strategy against the RowHammer attack. CLP pins the blocks in the cache when it identifies a RowHammer activity on the DRAM row where the block resides. In-depth experimental analysis shows that, with CLP the performance is improved not just in the case of attack programs, but also for benign applications. With a thorough analysis of various design parameters and implementation overhead, we find CLP to be a highly ease-of-use approach resilient to even complex attack patterns.
References
[1]
[1]Kim Yoongu, Daly Ross, Kim Jeremie, Fallin Chris, Lee Ji Hye, Lee Donghyuk, Wilkerson Chris, Lai Konrad and Mutlu Onur. 2014. Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors. In 41st International Symposium on Computer Architecture, 361-372.
[2]
[2]Zelalem Birhanu Aweke, Salessawi Ferede Yitbarek, Rui Qiao, Reetuparna Das, Matthew Hicks, Yossi Oren, and Todd Austin. 2016. ANVIL: Software-Based Protection Against Next-Generation Rowhammer Attacks. In 21st International Conference on Architectural Support for Programming Languages and Operating Systems, 743–755. https://doi.org/10.1145/2872362.2872390
[3]
[3]Ferdinand Brasser, Lucas Davi, David Gens, Christopher Liebchen, and Ahmad-Reza Sadeghi. 2017. CAn’t touch this: software-only mitigation against rowhammer attacks targeting kernel memory. In 26th USENIX Conference on Security Symposium, 117–130.
[4]
[4]Radhesh Krishnan Konoth, Marco Oliverio, Andrei Tatar, Dennis Andriesse, Herbert Bos, Cristiano Giuffrida, and Kaveh Razavi. 2018. ZebRAM: comprehensive and compatible software protection against rowhammer attacks. In 13th USENIX conference on Operating Systems Design and Implementation, 697–710.
[5]
[5]Tatar, A., Giuffrida, C., Bos, H., and Razavi, K. 2018. Defeating Software Mitigations Against Rowhammer: A Surgical Precision Hammer. In 21st International Symposium on Recent Advances in Intrusion Detection, 47-66.
[6]
[6]Frigo Pietro, Vannacc Emanuele, Hassan Hasan, der Veen Victor van, Mutlu Onur, Giuffrida Cristiano, Bos Herbert and Razavi Kaveh. 2020. TRRespass: Exploiting the Many Sides of Target Row Refresh. In IEEE Symposium on Security and Privacy, 747-762.
[7]
[7]Kogler, Andreas, Jonas Juffinger, Salman Qazi, Yoongu Kim, Moritz Lipp, Nicolas Boichat, Eric Shiu, Mattias Nissler, and Daniel Gruss. 2022. Half-Double: Hammering from the next row over. In 31st USENIX Security Symposium, 3807-3824.
[8]
[8]P. Jattke, V. Van Der Veen, P. Frigo, S. Gunter and K. Razavi. 2022. BLACKSMITH: Scalable Rowhammering in the Frequency Domain. In IEEE Symposium on Security and Privacy, 716-734.
[9]
[9]Nathan Binkert, Bradford Beckmann, Gabriel Black, Steven K. Reinhardt, Ali Saidi, Arkaprava Basu, Joel Hestness, Derek R. Hower, Tushar Krishna, Somayeh Sardashti, Rathijit Sen, Korey Sewell, Muhammad Shoaib, Nilay Vaish, Mark D. Hill, and David A. Wood. 2011. The gem5 simulator. SIGARCH Comput. Archit. News, 1–7. https://doi.org/10.1145/2024716.2024718.
[10]
[10]Seaborn, Mark, and Thomas Dullien. 2015. Exploiting the DRAM rowhammer bug to gain kernel privileges. Black Hat 15, no. 71 (2015): 2.
[11]
[11]Kaveh Razavi, Ben Gras, Erik Bosman, Bart Preneel, Cristiano Giuffrida, and Herbert Bos. 2016. Flip Feng Shui: hammering a needle in the software stack. In 25th USENIX Conference on Security Symposium, 1–18.
[12]
[12]Yuan Xiao, Xiaokuan Zhang, Yinqian Zhang, and Radu Teodorescu. 2016. One bit flips, one cloud flops: cross-VM row hammer attacks and privilege escalation. In 25th USENIX Conference on Security Symposium, 19–35.
[13]
[13]D. Gruss, M. Lipp, M. Schwarz, D. Genkin, J. Juffinger and S. Connell, W. Schoechl and Y. Yarom. 2018. Another Flip in the Wall of Rowhammer Defenses. In IEEE Symposium on Security and Privacy, 245-261.
[14]
[14]L. Cojocar, K. Razavi, C. Giuffrida and H. Bos. 2019. Exploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks. In IEEE Symposium on Security and Privacy, 55-71.
[15]
[15]A. Kwong, D. Genkin, D. Gruss and Y. Yarom. 2020. RAMBleed: Reading Bits in Memory Without Accessing Them. In IEEE Symposium on Security and Privacy, 695-711.
[16]
[16]Steven C. Woo, Wendy Elsasser, Mike Hamburg, Eric Linstadt, Michael R. Miller, Taeksang Song, and James Tringali. 2024. RAMPART: RowHammer Mitigation and Repair for Server Memory Systems. In International Symposium on Memory Systems, 1–15. https://doi.org/10.1145/3631882.3631886
[17]
[17]Van der Veen, Victor, Martina Lindorfer, Yanick Fratantonio, Harikrishnan Pillai, Giovanni Vigna, Christopher Kruegel, Herbert Bos, and Kaveh Razavi. 2018. Guardion: Practical mitigation of dma-based rowhammer attacks on arm. In Detection of Intrusions and Malware, and Vulnerability Assessment, 92-113.
[18]
[18]Mungyu Son, Hyunsun Park, J. Ahn and Sungjoo Yoo. 2017. Making DRAM stronger against row hammering. In 54th ACM/EDAC/IEEE Design Automation Conference (DAC), 1-6.
[19]
[19]Y. Park, W. Kwon, E. Lee, T. J. Ham, J. Ho Ahn and J. W. Lee. 2020. Graphene: Strong yet Lightweight Row Hammer Protection. In 53rd International Symposium on Microarchitecture, 1-13.
[20]
[20]S. M. Seyedzadeh, A. K. Jones and R. Melhem. 2017. Counter-Based Tree Structure for Row Hammering Mitigation in DRAM. In IEEE Computer Architecture Letters, vol. 16, no. 1, pp. 18-21.
[21]
[21]Eojin Lee, Ingab Kang, Sukhan Lee, G. Edward Suh, and Jung Ho Ahn. 2019. TWiCe: preventing row-hammering by exploiting time window counters. In 46th International Symposium on Computer Architecture, 385–396. https://doi.org/10.1145/3307650.3322232.
[22]
[22]Yağlikçi, A. Giray, P. Minesh, K. Jeremie, A. Roknoddin, Olgun Ataberk, Orosa Lois, H. Hasan, P. Jisung, K. Konstantinos, S. Taha, G. Saugata and Mutlu Onur. 2021. BlockHammer: Preventing RowHammer at Low Cost by Blacklisting Rapidly-Accessed DRAM Rows. In International Symposium on High-Performance Computer Architecture, 345-358.
[23]
[23]A. Saxena, G. Saileshwar, P. J. Nair and M. Qureshi. 2022. AQUA: Scalable Rowhammer Mitigation by Quarantining Aggressor Rows at Runtime. In 55th IEEE/ACM International Symposium on Microarchitecture, 108-123.
[24]
[24]Gururaj Saileshwar, Bolin Wang, Moinuddin Qureshi, and Prashant J. Nair. 2022. Randomized row-swap: mitigating Row Hammer by breaking spatial correlation between aggressor and victim rows. In 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, 1056–1069. https://doi.org/10.1145/3503222.3507716.
[25]
[25]J. Woo, G. Saileshwar and P. Nair. 2023. Scalable and Secure Row-Swap: Efficient and Safe Row Hammer Mitigation in Memory Systems. In International Symposium on High-Performance Computer Architecture, 374-389.
[26]
[26]Onur Mutlu, Ataberk Olgun, and A. Giray Yağlıkcı. 2023. Fundamentally Understanding and Solving RowHammer. In 28th Asia and South Pacific Design Automation Conference, https://doi.org/10.1145/3566097.3568350.
[27]
[27]A. Barenghi, L. Breveglieri, N. Izzo and G. Pelosi. 2018. Software-only Reverse Engineering of Physical DRAM Mappings for Rowhammer Attacks. In 3rd International Verification and Security Workshop, 19-24.
[28]
[28]Minghua Wang, Zhi Zhang, Yueqiang Cheng, and Surya Nepal. 2020. DRAMDig: a knowledge-assisted tool to uncover DRAM address mapping. In 57th ACM/EDAC/IEEE Design Automation Conference, IEEE Press, Article 89, 1–6.
[29]
[29]Jeremie S. Kim, Minesh Patel, A. Giray Yağlıkçı, Hasan Hassan, Roknoddin Azizi, Lois Orosa, and Onur Mutlu. 2020. Revisiting RowHammer: an experimental analysis of modern DRAM devices and mitigation techniques. In 47th Annual International Symposium on Computer Architecture, 638–651. https://doi.org/10.1109/ISCA45697.2020.00059
[30]
[30]Kim Taesoo, Marcus Peinado, and Gloria Mainar-Ruiz. 2012. STEALTHMEM:System-Level protection against Cache-Based side channel attacks in the cloud. In 21st USENIX Security Symposium, pp. 189-204.
[31]
[31]Marc Green, Rodrigues-Lima, Andreas Zankl, Gorka Irazoqui, Johann Heyszl, and Thomas Eisenbarth. 2017. AutoLock: why cache attacks on ARM are harder than you think. In 26th USENIX Conference on Security Symposium, 1075–1091.
[32]
[32]Misra Jayadev, and David Gries. 1982. Finding repeated elements. Science of computer programming 2, no. 2 (1982): 143-152. https://doi.org/10.1016/0167-6423(82)90012-0.
[33]
[33] AQUA: Scalable Rowhammer Mitigation by Quarantining Aggressor Rows at Runtime. Retrieved from https://github.com/Anish-Saxena/aqua_rowhammer_mitigation
[34]
[34] SPEC CPU 2017 Benchmark Suite. Retrieved from https://www.spec.org/cpu2017/
[35]
[35] S. Eyerman and L. Eeckhout. 2014. Restating the Case for Weighted-IPC Metrics to Evaluate Multiprogram Workload Performance. In IEEE Computer Architecture Letters, vol. 13, no. 2, 93-96.
Index Terms
- Cache Line Pinning for Mitigating Row Hammer Attack
Recommendations
RowPress: Amplifying Read Disturbance in Modern DRAM Chips
ISCA '23: Proceedings of the 50th Annual International Symposium on Computer ArchitectureMemory isolation is critical for system reliability, security, and safety. Unfortunately, read disturbance can break memory isolation in modern DRAM chips. For example, RowHammer is awell-studied read-disturb phenomenon where repeatedly opening and ...
RAMPART: RowHammer Mitigation and Repair for Server Memory Systems
MEMSYS '23: Proceedings of the International Symposium on Memory SystemsRowHammer attacks are a growing security and reliability concern for DRAMs and computer systems as they can induce many bit errors that overwhelm error detection and correction capabilities. System-level solutions are needed as process technology and ...
Stop! Hammer time: rethinking our approach to rowhammer mitigations
HotOS '21: Proceedings of the Workshop on Hot Topics in Operating SystemsRowhammer attacks exploit electromagnetic interference among nearby DRAM cells to flip bits, corrupting data and altering system behavior. Unfortunately, DRAM vendors have opted for a blackbox approach to preventing these bit flips, exposing little ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
August 2024
1279 pages
ISBN:9798400717932
DOI:10.1145/3673038
Copyright © 2024 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 12 August 2024
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
- Science and Engineering Research Board
Conference
ICPP '24
ICPP '24: the 53rd International Conference on Parallel Processing
August 12 - 15, 2024
Gotland, Sweden
Acceptance Rates
Overall Acceptance Rate 91 of 313 submissions, 29%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 200Total Downloads
- Downloads (Last 12 months)200
- Downloads (Last 6 weeks)59
Reflects downloads up to 13 Jan 2025
Other Metrics
Citations
View Options
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML FormatLogin options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in