Loading…

Nethammer: Inducing Rowhammer Faults through Network Requests

A fundamental assumption in software security is that memory contents do not change unless there is a legitimate deliberate modification. Classical fault attacks show that this assumption does not hold if the attacker has physical access. Rowhammer attacks showed that local code execution is already...

Full description

Saved in:
Bibliographic Details
Published in:arXiv.org 2018-05
Main Authors: Lipp, Moritz, Misiker Tadesse Aga, Schwarz, Michael, Gruss, Daniel, Clémentine Maurice, Raab, Lukas, Lamster, Lukas
Format: Article
Language:English
Subjects:
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page
container_issue
container_start_page
container_title arXiv.org
container_volume
creator Lipp, Moritz
Misiker Tadesse Aga
Schwarz, Michael
Gruss, Daniel
Clémentine Maurice
Raab, Lukas
Lamster, Lukas
description A fundamental assumption in software security is that memory contents do not change unless there is a legitimate deliberate modification. Classical fault attacks show that this assumption does not hold if the attacker has physical access. Rowhammer attacks showed that local code execution is already sufficient to break this assumption. Rowhammer exploits parasitic effects in DRAM to modify the content of a memory cell without accessing it. Instead, other memory locations are accessed at a high frequency. All Rowhammer attacks so far were local attacks, running either in a scripted language or native code. In this paper, we present Nethammer. Nethammer is the first truly remote Rowhammer attack, without a single attacker-controlled line of code on the targeted system. Systems that use uncached memory or flush instructions while handling network requests, e.g., for interaction with the network device, can be attacked using Nethammer. Other systems can still be attacked if they are protected with quality-of-service techniques like Intel CAT. We demonstrate that the frequency of the cache misses is in all three cases high enough to induce bit flips. We evaluated different bit flip scenarios. Depending on the location, the bit flip compromises either the security and integrity of the system and the data of its users, or it can leave persistent damage on the system, i.e., persistent denial of service. We investigated Nethammer on personal computers, servers, and mobile phones. Nethammer is a security landslide, making the formerly local attack a remote attack.
format article
fullrecord <record><control><sourceid>proquest</sourceid><recordid>TN_cdi_proquest_journals_2073314743</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2073314743</sourcerecordid><originalsourceid>FETCH-proquest_journals_20733147433</originalsourceid><addsrcrecordid>eNpjYuA0MjY21LUwMTLiYOAtLs4yMDAwMjM3MjU15mSw9UstyUjMzU0tslLwzEspTc7MS1cIyi-HiCm4JZbmlBQrlGQU5ZemZygAFZfnF2UrBKUWlqYWlxTzMLCmJeYUp_JCaW4GZTfXEGcP3YKifLCK-Kz80qI8oFS8kYE50BUm5ibGxsSpAgCbODg6</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2073314743</pqid></control><display><type>article</type><title>Nethammer: Inducing Rowhammer Faults through Network Requests</title><source>Publicly Available Content Database</source><creator>Lipp, Moritz ; Misiker Tadesse Aga ; Schwarz, Michael ; Gruss, Daniel ; Clémentine Maurice ; Raab, Lukas ; Lamster, Lukas</creator><creatorcontrib>Lipp, Moritz ; Misiker Tadesse Aga ; Schwarz, Michael ; Gruss, Daniel ; Clémentine Maurice ; Raab, Lukas ; Lamster, Lukas</creatorcontrib><description>A fundamental assumption in software security is that memory contents do not change unless there is a legitimate deliberate modification. Classical fault attacks show that this assumption does not hold if the attacker has physical access. Rowhammer attacks showed that local code execution is already sufficient to break this assumption. Rowhammer exploits parasitic effects in DRAM to modify the content of a memory cell without accessing it. Instead, other memory locations are accessed at a high frequency. All Rowhammer attacks so far were local attacks, running either in a scripted language or native code. In this paper, we present Nethammer. Nethammer is the first truly remote Rowhammer attack, without a single attacker-controlled line of code on the targeted system. Systems that use uncached memory or flush instructions while handling network requests, e.g., for interaction with the network device, can be attacked using Nethammer. Other systems can still be attacked if they are protected with quality-of-service techniques like Intel CAT. We demonstrate that the frequency of the cache misses is in all three cases high enough to induce bit flips. We evaluated different bit flip scenarios. Depending on the location, the bit flip compromises either the security and integrity of the system and the data of its users, or it can leave persistent damage on the system, i.e., persistent denial of service. We investigated Nethammer on personal computers, servers, and mobile phones. Nethammer is a security landslide, making the formerly local attack a remote attack.</description><identifier>EISSN: 2331-8422</identifier><language>eng</language><publisher>Ithaca: Cornell University Library, arXiv.org</publisher><subject>Computer memory ; Cybersecurity ; Landslides ; Mobile computing ; Personal computers</subject><ispartof>arXiv.org, 2018-05</ispartof><rights>2018. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://www.proquest.com/docview/2073314743?pq-origsite=primo$$EHTML$$P50$$Gproquest$$Hfree_for_read</linktohtml><link.rule.ids>780,784,25753,37012,44590</link.rule.ids></links><search><creatorcontrib>Lipp, Moritz</creatorcontrib><creatorcontrib>Misiker Tadesse Aga</creatorcontrib><creatorcontrib>Schwarz, Michael</creatorcontrib><creatorcontrib>Gruss, Daniel</creatorcontrib><creatorcontrib>Clémentine Maurice</creatorcontrib><creatorcontrib>Raab, Lukas</creatorcontrib><creatorcontrib>Lamster, Lukas</creatorcontrib><title>Nethammer: Inducing Rowhammer Faults through Network Requests</title><title>arXiv.org</title><description>A fundamental assumption in software security is that memory contents do not change unless there is a legitimate deliberate modification. Classical fault attacks show that this assumption does not hold if the attacker has physical access. Rowhammer attacks showed that local code execution is already sufficient to break this assumption. Rowhammer exploits parasitic effects in DRAM to modify the content of a memory cell without accessing it. Instead, other memory locations are accessed at a high frequency. All Rowhammer attacks so far were local attacks, running either in a scripted language or native code. In this paper, we present Nethammer. Nethammer is the first truly remote Rowhammer attack, without a single attacker-controlled line of code on the targeted system. Systems that use uncached memory or flush instructions while handling network requests, e.g., for interaction with the network device, can be attacked using Nethammer. Other systems can still be attacked if they are protected with quality-of-service techniques like Intel CAT. We demonstrate that the frequency of the cache misses is in all three cases high enough to induce bit flips. We evaluated different bit flip scenarios. Depending on the location, the bit flip compromises either the security and integrity of the system and the data of its users, or it can leave persistent damage on the system, i.e., persistent denial of service. We investigated Nethammer on personal computers, servers, and mobile phones. Nethammer is a security landslide, making the formerly local attack a remote attack.</description><subject>Computer memory</subject><subject>Cybersecurity</subject><subject>Landslides</subject><subject>Mobile computing</subject><subject>Personal computers</subject><issn>2331-8422</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2018</creationdate><recordtype>article</recordtype><sourceid>PIMPY</sourceid><recordid>eNpjYuA0MjY21LUwMTLiYOAtLs4yMDAwMjM3MjU15mSw9UstyUjMzU0tslLwzEspTc7MS1cIyi-HiCm4JZbmlBQrlGQU5ZemZygAFZfnF2UrBKUWlqYWlxTzMLCmJeYUp_JCaW4GZTfXEGcP3YKifLCK-Kz80qI8oFS8kYE50BUm5ibGxsSpAgCbODg6</recordid><startdate>20180513</startdate><enddate>20180513</enddate><creator>Lipp, Moritz</creator><creator>Misiker Tadesse Aga</creator><creator>Schwarz, Michael</creator><creator>Gruss, Daniel</creator><creator>Clémentine Maurice</creator><creator>Raab, Lukas</creator><creator>Lamster, Lukas</creator><general>Cornell University Library, arXiv.org</general><scope>8FE</scope><scope>8FG</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>L6V</scope><scope>M7S</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope></search><sort><creationdate>20180513</creationdate><title>Nethammer: Inducing Rowhammer Faults through Network Requests</title><author>Lipp, Moritz ; Misiker Tadesse Aga ; Schwarz, Michael ; Gruss, Daniel ; Clémentine Maurice ; Raab, Lukas ; Lamster, Lukas</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-proquest_journals_20733147433</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2018</creationdate><topic>Computer memory</topic><topic>Cybersecurity</topic><topic>Landslides</topic><topic>Mobile computing</topic><topic>Personal computers</topic><toplevel>online_resources</toplevel><creatorcontrib>Lipp, Moritz</creatorcontrib><creatorcontrib>Misiker Tadesse Aga</creatorcontrib><creatorcontrib>Schwarz, Michael</creatorcontrib><creatorcontrib>Gruss, Daniel</creatorcontrib><creatorcontrib>Clémentine Maurice</creatorcontrib><creatorcontrib>Raab, Lukas</creatorcontrib><creatorcontrib>Lamster, Lukas</creatorcontrib><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Materials Science &amp; Engineering Collection</collection><collection>ProQuest Central (Alumni)</collection><collection>ProQuest Central</collection><collection>ProQuest Central Essentials</collection><collection>AUTh Library subscriptions: ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Engineering Collection</collection><collection>Engineering Database</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering Collection</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Lipp, Moritz</au><au>Misiker Tadesse Aga</au><au>Schwarz, Michael</au><au>Gruss, Daniel</au><au>Clémentine Maurice</au><au>Raab, Lukas</au><au>Lamster, Lukas</au><format>book</format><genre>document</genre><ristype>GEN</ristype><atitle>Nethammer: Inducing Rowhammer Faults through Network Requests</atitle><jtitle>arXiv.org</jtitle><date>2018-05-13</date><risdate>2018</risdate><eissn>2331-8422</eissn><abstract>A fundamental assumption in software security is that memory contents do not change unless there is a legitimate deliberate modification. Classical fault attacks show that this assumption does not hold if the attacker has physical access. Rowhammer attacks showed that local code execution is already sufficient to break this assumption. Rowhammer exploits parasitic effects in DRAM to modify the content of a memory cell without accessing it. Instead, other memory locations are accessed at a high frequency. All Rowhammer attacks so far were local attacks, running either in a scripted language or native code. In this paper, we present Nethammer. Nethammer is the first truly remote Rowhammer attack, without a single attacker-controlled line of code on the targeted system. Systems that use uncached memory or flush instructions while handling network requests, e.g., for interaction with the network device, can be attacked using Nethammer. Other systems can still be attacked if they are protected with quality-of-service techniques like Intel CAT. We demonstrate that the frequency of the cache misses is in all three cases high enough to induce bit flips. We evaluated different bit flip scenarios. Depending on the location, the bit flip compromises either the security and integrity of the system and the data of its users, or it can leave persistent damage on the system, i.e., persistent denial of service. We investigated Nethammer on personal computers, servers, and mobile phones. Nethammer is a security landslide, making the formerly local attack a remote attack.</abstract><cop>Ithaca</cop><pub>Cornell University Library, arXiv.org</pub><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier EISSN: 2331-8422
ispartof arXiv.org, 2018-05
issn 2331-8422
language eng
recordid cdi_proquest_journals_2073314743
source Publicly Available Content Database
subjects Computer memory
Cybersecurity
Landslides
Mobile computing
Personal computers
title Nethammer: Inducing Rowhammer Faults through Network Requests
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-23T05%3A54%3A29IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=document&rft.atitle=Nethammer:%20Inducing%20Rowhammer%20Faults%20through%20Network%20Requests&rft.jtitle=arXiv.org&rft.au=Lipp,%20Moritz&rft.date=2018-05-13&rft.eissn=2331-8422&rft_id=info:doi/&rft_dat=%3Cproquest%3E2073314743%3C/proquest%3E%3Cgrp_id%3Ecdi_FETCH-proquest_journals_20733147433%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2073314743&rft_id=info:pmid/&rfr_iscdi=true