🛡️

[Lecture 5] Understanding Rowhammer Vulnerability and Mitigation

Mar 30, 2025

Lecture on Memory Robustness and Rowhammer

Introduction

  • Lecturer: Giray Al
  • Background: Researcher, lecturer, recently got a PhD in memory robustness
  • Focus: Memory robustness, specifically Rowhammer

Rowhammer Vulnerability

  • Rowhammer is a significant vulnerability in memory devices.
  • Exploits include:
    • Gaining unauthorized access to data
    • Breaking out of virtual machine sandboxes
    • Corrupting data
    • Altering critical workload behavior
    • Stealing sensitive data (e.g., SSH keys)

Historical Context

  • Key Paper: "Flipping Bits in Memory Without Accessing Them" (ISCA 2014, Safari group)
  • Immediate impact demonstrated by Google’s Project Zero: Exploited Rowhammer to gain kernel privileges in Linux systems.

Technical Details of Rowhammer

  • Rowhammer occurs when repeated access to a row of memory causes bit flips in adjacent rows.
  • Exploits involve altering page table entries to gain access to larger memory areas.
  • Memory spraying technique: filling physical memory with page tables to exploit bit flips.

Mitigation Techniques

  • Error Correcting Codes (ECC): Found ineffective against Rowhammer.
  • Solutions like increased refresh rates, physical isolation, and memory access throttling have been proposed.
  • Probabilistic Adjacent Row Activation (PARA) is a low-cost, effective solution that refreshes neighboring rows with low probability to prevent bit flips.

Recent Developments

  • Newer memory devices (DDR4, LPDDR4, HBM) are also vulnerable to Rowhammer.
  • Techniques like four-sided Rowhammer attack exploit limitations in existing countermeasures.
  • Rowhammer attacks have been demonstrated across multiple devices, including mobile phones.

Advanced Research and Future Directions

  • Recent research indicates Rowhammer vulnerability is worsening with technology scaling.
  • Strategies to mitigate Rowhammer include sophisticated memory refresh strategies and leveraging circuit-level insights.
  • New attack patterns continue to be discovered, necessitating ongoing research into more robust solutions.

Conclusion

  • Memory robustness, especially against Rowhammer, remains a critical area of research.
  • Ongoing advancements in mitigation techniques are necessary as technology scales.
  • Future memory systems need intelligent controllers for improved security, safety, and reliability.

Full transcript