ANVIL-Reference-Cited by-同舟云学术

ANVIL

Published:2016-07-29 Issue:2 Volume:44 Page:743-755
ISSN:0163-5964
Container-title:ACM SIGARCH Computer Architecture News
language:en
Short-container-title:SIGARCH Comput. Archit. News

Author:

Aweke Zelalem Birhanu¹,Yitbarek Salessawi Ferede²,Qiao Rui³,Das Reetuparna²,Hicks Matthew¹,Oren Yossi⁴,Austin Todd²

Affiliation:

1. University of Michigan, Ann Arbor, MI, USA

2. University of Michigan, Ann Arbor , MI, USA

3. Stony Brook University, New York , NY, USA

4. Ben-Gurion University of the Negev, Beersheba, Israel

Abstract

Ensuring the integrity and security of the memory system is critical. Recent studies have shown serious security concerns due to "rowhammer" attacks, where repeated accesses to a row of memory cause bit flips in adjacent rows. Recent work by Google's Project Zero has shown how to leverage rowhammer-induced bit-flips as the basis for security exploits that include malicious code injection and memory privilege escalation. Being an important security concern, industry has attempted to defend against rowhammer attacks. Deployed defenses employ two strategies: (1) doubling the system DRAM refresh rate and (2) restricting access to the CLFLUSH instruction that attackers use to bypass the cache to increase memory access frequency (i.e., the rate of rowhammering). We demonstrate that such defenses are inadequte: we implement rowhammer attacks that both avoid using the CLFLUSH instruction and cause bit flips with a doubled refresh rate. Our next-generation CLFLUSH-free rowhammer attack bypasses the cache by manipulating cache replacement state to allow frequent misses out of the last-level cache to DRAM rows of our choosing. To protect existing systems from more advanced rowhammer attacks, we develop a software-based defense, ANVIL, which thwarts all known rowhammer attacks on existing systems. ANVIL detects rowhammer attacks by tracking the locality of DRAM accesses using existing hardware performance counters. Our detector identifies the rows being frequently accessed (i.e., the aggressors), then selectively refreshes the nearby victim rows to prevent hammering. Experiments running on real hardware with the SPEC2006 benchmarks show that ANVIL has less than a 1% false positive rate and an average slowdown of 1%. ANVIL is low-cost and robust, and our experiments indicate that it is an effective approach for protecting existing and future systems from even advanced rowhammer attacks.

Funder

Center for Future Architectures Research

Publisher

Association for Computing Machinery (ACM)

Link

https://dl.acm.org/doi/pdf/10.1145/2980024.2872390

Reference29 articles.

1. https://twitter.com/lavados/status/685618703413698562. Accessed: 2016-01--21. https://twitter.com/lavados/status/685618703413698562. Accessed: 2016-01--21.

2. Program for Testing for the DRAM "rowhammer" Problem. https://github.com/mseaborn/rowhammer-test. Accessed: 2015-08--11. Program for Testing for the DRAM "rowhammer" Problem. https://github.com/mseaborn/rowhammer-test. Accessed: 2015-08--11.

3. National Security Agency. TEMPEST: A Signal Problem. https://www.nsa.gov/public_info/_files/cryptologic_spectrum/tempest.pdf. Accessed: 2015-08--11. National Security Agency. TEMPEST: A Signal Problem. https://www.nsa.gov/public_info/_files/cryptologic_spectrum/tempest.pdf. Accessed: 2015-08--11.

Cited by 3 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Electrical-Level Attacks on CPUs, FPGAs, and GPUs: Survey and Implications in the Heterogeneous Era;ACM Computing Surveys;2022-02-03

2. Uncovering In-DRAM RowHammer Protection Mechanisms:A New Methodology, Custom RowHammer Patterns, and Implications;MICRO-54: 54th Annual IEEE/ACM International Symposium on Microarchitecture;2021-10-17

3. A Deeper Look into RowHammer’s Sensitivities: Experimental Analysis of Real DRAM Chips and Implications on Future Attacks and Defenses;MICRO-54: 54th Annual IEEE/ACM International Symposium on Microarchitecture;2021-10-17