Are we susceptible to rowhammer? an end-to-end methodology for cloud providers
Metadata only
Author
Show all
Date
2020Type
- Conference Paper
Citations
Cited 3 times in
Web of Science
Cited 18 times in
Scopus
ETH Bibliography
yes
Altmetrics
Abstract
Cloud providers are concerned that Rowhammer poses a potentially critical threat to their servers, yet today they lack a systematic way to test whether the DRAM used in their servers is vulnerable to Rowhammer attacks. This paper presents an endto-end methodology to determine if cloud servers are susceptible to these attacks. With our methodology, a cloud provider can construct worst-case testing conditions for DRAM.We apply our methodology to three classes of servers from a major cloud provider. Our findings show that none of the CPU instruction sequences used in prior work to mount Rowhammer attacks create worst-case DRAM testing conditions. To address this limitation, we develop an instruction sequence that leverages microarchitectural side-effects to "hammer"DRAM at a near-optimal rate on modern Intel Skylake and Cascade Lake platforms. We also design a DDR4 fault injector that can reverse engineer row adjacency for any DDR4 DIMM. When applied to our cloud provider's DIMMs, we find that DRAM rows do not always follow a linear map. © 2020 IEEE. Show more
Publication status
publishedExternal links
Book title
2020 IEEE Symposium on Security and Privacy (SP)Pages / Article No.
Publisher
IEEEEvent
Organisational unit
09483 - Mutlu, Onur / Mutlu, Onur
Notes
Due to the Coronavirus (COVID-19) the conference was conducted virtually.More
Show all metadata
Citations
Cited 3 times in
Web of Science
Cited 18 times in
Scopus
ETH Bibliography
yes
Altmetrics