Loading…
TWiCe: preventing row-hammering by exploiting time window counters
Computer systems using DRAM are exposed to row-hammer (RH) attacks, which can flip data in a DRAM row without directly accessing a row but by frequently activating its adjacent ones. There have been a number of proposals to prevent RH, but they either incur large area overhead, suffer from noticeabl...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Conference Proceeding |
| Language: | English |
| Subjects: | |
| Online Access: | Request full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | |
|---|---|
| cites | |
| container_end_page | 396 |
| container_issue | |
| container_start_page | 385 |
| container_title | |
| container_volume | |
| creator | Lee, Eojin Kang, Ingab Lee, Sukhan Suh, G. Edward Ahn, Jung Ho |
| description | Computer systems using DRAM are exposed to row-hammer (RH) attacks, which can flip data in a DRAM row without directly accessing a row but by frequently activating its adjacent ones. There have been a number of proposals to prevent RH, but they either incur large area overhead, suffer from noticeable performance drop on adversarial memory access patterns, or provide probabilistic protection with no capability to detect attacks.
In this paper, we propose a new counter-based RH prevention solution named Time Window Counter (TWiCe) based row refresh, which accurately detects potential RH attacks only using a small number of counters with a minimal performance impact. We first make a key observation that the number of rows that can cause RH is limited by the maximum values of row activation frequency and DRAM cell retention time. We calculate the maximum number of required counter entries per DRAM bank, with which TWiCe prevents RH with a strong deterministic guarantee. We leverage pseudo-associative cache design and separate the TWiCe table to further reduce area and energy overheads. TWiCe incurs no performance overhead on normal DRAM operations and less than 0.7% area and energy overheads over contemporary DRAM devices. Our evaluation shows that TWiCe makes no more than 0.006% of additional DRAM row activations for adversarial memory access patterns including RH attack scenarios. |
| doi_str_mv | 10.1145/3307650.3322232 |
| format | conference_proceeding |
| fullrecord | <record><control><sourceid>acm_CHZPO</sourceid><recordid>TN_cdi_ieee_primary_8980327</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>8980327</ieee_id><sourcerecordid>acm_books_10_1145_3307650_3322232</sourcerecordid><originalsourceid>FETCH-LOGICAL-a247t-eea5f9997a7707001217293e13af2c6dec74d4c24c73de8ae7fdb8a4b6ea4abd3</originalsourceid><addsrcrecordid>eNqNz0FLw0AQhuFVKVhqzh78A14SZ2c2O7tHCWqFgpdKe1smyQSilkrixX9vpDl58jSH52PgNebaQmGtK--IgH0JBREiEp6ZLHKYAMh7H925WWLJZc6W9hd_7NJk4_gGABjYTrA0i-2ur_TKLDr5GDWb78q8Pj5sq3W-eXl6ru43uaDjr1xVyi7GyMIMDGDRMkZSS9Jh41tt2LWuQdcwtRpEuWvrIK72Kk7qllbm5vS3V9X0OfQHGb5TiAEIedLbk0pzSPXx-D4mC-m3Oc3NaW6epsU_p6keeu3oB5SlT1I</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>TWiCe: preventing row-hammering by exploiting time window counters</title><source>IEEE Xplore All Conference Series</source><creator>Lee, Eojin ; Kang, Ingab ; Lee, Sukhan ; Suh, G. Edward ; Ahn, Jung Ho</creator><creatorcontrib>Lee, Eojin ; Kang, Ingab ; Lee, Sukhan ; Suh, G. Edward ; Ahn, Jung Ho</creatorcontrib><description>Computer systems using DRAM are exposed to row-hammer (RH) attacks, which can flip data in a DRAM row without directly accessing a row but by frequently activating its adjacent ones. There have been a number of proposals to prevent RH, but they either incur large area overhead, suffer from noticeable performance drop on adversarial memory access patterns, or provide probabilistic protection with no capability to detect attacks.
In this paper, we propose a new counter-based RH prevention solution named Time Window Counter (TWiCe) based row refresh, which accurately detects potential RH attacks only using a small number of counters with a minimal performance impact. We first make a key observation that the number of rows that can cause RH is limited by the maximum values of row activation frequency and DRAM cell retention time. We calculate the maximum number of required counter entries per DRAM bank, with which TWiCe prevents RH with a strong deterministic guarantee. We leverage pseudo-associative cache design and separate the TWiCe table to further reduce area and energy overheads. TWiCe incurs no performance overhead on normal DRAM operations and less than 0.7% area and energy overheads over contemporary DRAM devices. Our evaluation shows that TWiCe makes no more than 0.006% of additional DRAM row activations for adversarial memory access patterns including RH attack scenarios.</description><identifier>ISBN: 9781450366694</identifier><identifier>ISBN: 1450366694</identifier><identifier>EISSN: 2575-713X</identifier><identifier>EISBN: 9781450366694</identifier><identifier>EISBN: 1450366694</identifier><identifier>DOI: 10.1145/3307650.3322232</identifier><language>eng</language><publisher>New York, NY, USA: ACM</publisher><subject>Computer systems organization ; Computer systems organization -- Dependable and fault-tolerant systems and networks ; Computer systems organization -- Dependable and fault-tolerant systems and networks -- Processors and memory architectures ; Hardware ; Hardware -- Integrated circuits ; Hardware -- Integrated circuits -- Semiconductor memory ; Information systems ; Information systems -- Information storage systems ; Information systems -- Information storage systems -- Information storage technologies ; Security and privacy ; Security and privacy -- Security in hardware ; Security and privacy -- Security in hardware -- Hardware attacks and countermeasures ; Security and privacy -- Security in hardware -- Hardware attacks and countermeasures -- Side-channel analysis and countermeasures ; Security and privacy -- Security in hardware -- Tamper-proof and tamper-resistant designs ; Security and privacy -- Systems security</subject><ispartof>2019 ACM/IEEE 46th Annual International Symposium on Computer Architecture (ISCA), 2019, p.385-396</ispartof><rights>2019 ACM</rights><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/8980327$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,27925,54555,54932</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/8980327$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Lee, Eojin</creatorcontrib><creatorcontrib>Kang, Ingab</creatorcontrib><creatorcontrib>Lee, Sukhan</creatorcontrib><creatorcontrib>Suh, G. Edward</creatorcontrib><creatorcontrib>Ahn, Jung Ho</creatorcontrib><title>TWiCe: preventing row-hammering by exploiting time window counters</title><title>2019 ACM/IEEE 46th Annual International Symposium on Computer Architecture (ISCA)</title><addtitle>ISCA</addtitle><description>Computer systems using DRAM are exposed to row-hammer (RH) attacks, which can flip data in a DRAM row without directly accessing a row but by frequently activating its adjacent ones. There have been a number of proposals to prevent RH, but they either incur large area overhead, suffer from noticeable performance drop on adversarial memory access patterns, or provide probabilistic protection with no capability to detect attacks.
In this paper, we propose a new counter-based RH prevention solution named Time Window Counter (TWiCe) based row refresh, which accurately detects potential RH attacks only using a small number of counters with a minimal performance impact. We first make a key observation that the number of rows that can cause RH is limited by the maximum values of row activation frequency and DRAM cell retention time. We calculate the maximum number of required counter entries per DRAM bank, with which TWiCe prevents RH with a strong deterministic guarantee. We leverage pseudo-associative cache design and separate the TWiCe table to further reduce area and energy overheads. TWiCe incurs no performance overhead on normal DRAM operations and less than 0.7% area and energy overheads over contemporary DRAM devices. Our evaluation shows that TWiCe makes no more than 0.006% of additional DRAM row activations for adversarial memory access patterns including RH attack scenarios.</description><subject>Computer systems organization</subject><subject>Computer systems organization -- Dependable and fault-tolerant systems and networks</subject><subject>Computer systems organization -- Dependable and fault-tolerant systems and networks -- Processors and memory architectures</subject><subject>Hardware</subject><subject>Hardware -- Integrated circuits</subject><subject>Hardware -- Integrated circuits -- Semiconductor memory</subject><subject>Information systems</subject><subject>Information systems -- Information storage systems</subject><subject>Information systems -- Information storage systems -- Information storage technologies</subject><subject>Security and privacy</subject><subject>Security and privacy -- Security in hardware</subject><subject>Security and privacy -- Security in hardware -- Hardware attacks and countermeasures</subject><subject>Security and privacy -- Security in hardware -- Hardware attacks and countermeasures -- Side-channel analysis and countermeasures</subject><subject>Security and privacy -- Security in hardware -- Tamper-proof and tamper-resistant designs</subject><subject>Security and privacy -- Systems security</subject><issn>2575-713X</issn><isbn>9781450366694</isbn><isbn>1450366694</isbn><isbn>9781450366694</isbn><isbn>1450366694</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2019</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNqNz0FLw0AQhuFVKVhqzh78A14SZ2c2O7tHCWqFgpdKe1smyQSilkrixX9vpDl58jSH52PgNebaQmGtK--IgH0JBREiEp6ZLHKYAMh7H925WWLJZc6W9hd_7NJk4_gGABjYTrA0i-2ur_TKLDr5GDWb78q8Pj5sq3W-eXl6ru43uaDjr1xVyi7GyMIMDGDRMkZSS9Jh41tt2LWuQdcwtRpEuWvrIK72Kk7qllbm5vS3V9X0OfQHGb5TiAEIedLbk0pzSPXx-D4mC-m3Oc3NaW6epsU_p6keeu3oB5SlT1I</recordid><startdate>20190622</startdate><enddate>20190622</enddate><creator>Lee, Eojin</creator><creator>Kang, Ingab</creator><creator>Lee, Sukhan</creator><creator>Suh, G. Edward</creator><creator>Ahn, Jung Ho</creator><general>ACM</general><scope>6IE</scope><scope>6IH</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIO</scope></search><sort><creationdate>20190622</creationdate><title>TWiCe</title><author>Lee, Eojin ; Kang, Ingab ; Lee, Sukhan ; Suh, G. Edward ; Ahn, Jung Ho</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a247t-eea5f9997a7707001217293e13af2c6dec74d4c24c73de8ae7fdb8a4b6ea4abd3</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2019</creationdate><topic>Computer systems organization</topic><topic>Computer systems organization -- Dependable and fault-tolerant systems and networks</topic><topic>Computer systems organization -- Dependable and fault-tolerant systems and networks -- Processors and memory architectures</topic><topic>Hardware</topic><topic>Hardware -- Integrated circuits</topic><topic>Hardware -- Integrated circuits -- Semiconductor memory</topic><topic>Information systems</topic><topic>Information systems -- Information storage systems</topic><topic>Information systems -- Information storage systems -- Information storage technologies</topic><topic>Security and privacy</topic><topic>Security and privacy -- Security in hardware</topic><topic>Security and privacy -- Security in hardware -- Hardware attacks and countermeasures</topic><topic>Security and privacy -- Security in hardware -- Hardware attacks and countermeasures -- Side-channel analysis and countermeasures</topic><topic>Security and privacy -- Security in hardware -- Tamper-proof and tamper-resistant designs</topic><topic>Security and privacy -- Systems security</topic><toplevel>online_resources</toplevel><creatorcontrib>Lee, Eojin</creatorcontrib><creatorcontrib>Kang, Ingab</creatorcontrib><creatorcontrib>Lee, Sukhan</creatorcontrib><creatorcontrib>Suh, G. Edward</creatorcontrib><creatorcontrib>Ahn, Jung Ho</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan (POP) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE/IET Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP) 1998-present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Lee, Eojin</au><au>Kang, Ingab</au><au>Lee, Sukhan</au><au>Suh, G. Edward</au><au>Ahn, Jung Ho</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>TWiCe: preventing row-hammering by exploiting time window counters</atitle><btitle>2019 ACM/IEEE 46th Annual International Symposium on Computer Architecture (ISCA)</btitle><stitle>ISCA</stitle><date>2019-06-22</date><risdate>2019</risdate><spage>385</spage><epage>396</epage><pages>385-396</pages><eissn>2575-713X</eissn><isbn>9781450366694</isbn><isbn>1450366694</isbn><eisbn>9781450366694</eisbn><eisbn>1450366694</eisbn><abstract>Computer systems using DRAM are exposed to row-hammer (RH) attacks, which can flip data in a DRAM row without directly accessing a row but by frequently activating its adjacent ones. There have been a number of proposals to prevent RH, but they either incur large area overhead, suffer from noticeable performance drop on adversarial memory access patterns, or provide probabilistic protection with no capability to detect attacks.
In this paper, we propose a new counter-based RH prevention solution named Time Window Counter (TWiCe) based row refresh, which accurately detects potential RH attacks only using a small number of counters with a minimal performance impact. We first make a key observation that the number of rows that can cause RH is limited by the maximum values of row activation frequency and DRAM cell retention time. We calculate the maximum number of required counter entries per DRAM bank, with which TWiCe prevents RH with a strong deterministic guarantee. We leverage pseudo-associative cache design and separate the TWiCe table to further reduce area and energy overheads. TWiCe incurs no performance overhead on normal DRAM operations and less than 0.7% area and energy overheads over contemporary DRAM devices. Our evaluation shows that TWiCe makes no more than 0.006% of additional DRAM row activations for adversarial memory access patterns including RH attack scenarios.</abstract><cop>New York, NY, USA</cop><pub>ACM</pub><doi>10.1145/3307650.3322232</doi><tpages>12</tpages></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | ISBN: 9781450366694 |
| ispartof | 2019 ACM/IEEE 46th Annual International Symposium on Computer Architecture (ISCA), 2019, p.385-396 |
| issn | 2575-713X |
| language | eng |
| recordid | cdi_ieee_primary_8980327 |
| source | IEEE Xplore All Conference Series |
| subjects | Computer systems organization Computer systems organization -- Dependable and fault-tolerant systems and networks Computer systems organization -- Dependable and fault-tolerant systems and networks -- Processors and memory architectures Hardware Hardware -- Integrated circuits Hardware -- Integrated circuits -- Semiconductor memory Information systems Information systems -- Information storage systems Information systems -- Information storage systems -- Information storage technologies Security and privacy Security and privacy -- Security in hardware Security and privacy -- Security in hardware -- Hardware attacks and countermeasures Security and privacy -- Security in hardware -- Hardware attacks and countermeasures -- Side-channel analysis and countermeasures Security and privacy -- Security in hardware -- Tamper-proof and tamper-resistant designs Security and privacy -- Systems security |
| title | TWiCe: preventing row-hammering by exploiting time window counters |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-26T14%3A04%3A31IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-acm_CHZPO&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=TWiCe:%20preventing%20row-hammering%20by%20exploiting%20time%20window%20counters&rft.btitle=2019%20ACM/IEEE%2046th%20Annual%20International%20Symposium%20on%20Computer%20Architecture%20(ISCA)&rft.au=Lee,%20Eojin&rft.date=2019-06-22&rft.spage=385&rft.epage=396&rft.pages=385-396&rft.eissn=2575-713X&rft.isbn=9781450366694&rft.isbn_list=1450366694&rft_id=info:doi/10.1145/3307650.3322232&rft.eisbn=9781450366694&rft.eisbn_list=1450366694&rft_dat=%3Cacm_CHZPO%3Eacm_books_10_1145_3307650_3322232%3C/acm_CHZPO%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-a247t-eea5f9997a7707001217293e13af2c6dec74d4c24c73de8ae7fdb8a4b6ea4abd3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=8980327&rfr_iscdi=true |