GuardION: Practical Mitigation of DMA-Based Rowhammer Attacks on ARM

Over the last two years, the Rowhammer bug transformed from a hard-to-exploit DRAM disturbance error into a fully weaponized attack vector. Researchers demonstrated exploits not only against desktop computers, but also used single bit flips to compromise the cloud and mobile devices, all without relying on any software vulnerability.

[1]  Herbert Bos,et al.  Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[2]  Herbert Bos,et al.  Grand Pwning Unit: Accelerating Microarchitectural Attacks with the GPU , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[3]  Stefan Mangard,et al.  Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript , 2015, DIMVA.

[4]  Ahmad-Reza Sadeghi,et al.  CAn't Touch This: Practical and Generic Software-only Defenses Against Rowhammer Attacks , 2016, ArXiv.

[5]  Yanick Fratantonio,et al.  Drammer: Deterministic Rowhammer Attacks on Mobile Platforms , 2016, CCS.

[6]  Yuan Xiao,et al.  One Bit Flips, One Cloud Flops: Cross-VM Row Hammer Attacks and Privilege Escalation , 2016, USENIX Security Symposium.

[7]  Zhi Zhang,et al.  Still Hammerable and Exploitable: on the Effectiveness of Software-only Physical Kernel Isolation , 2018, ArXiv.

[8]  Todd M. Austin,et al.  When good protections go bad: Exploiting anti-DoS measures to accelerate rowhammer attacks , 2017, 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[9]  Reetuparna Das,et al.  ANVIL: Software-Based Protection Against Next-Generation Rowhammer Attacks , 2016, ASPLOS.

[10]  Mel Gorman,et al.  Understanding the Linux Virtual Memory Manager , 2004 .

[11]  Rui Qiao,et al.  A new approach for rowhammer attacks , 2016, 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[12]  Stefan Katzenbeisser,et al.  Intrinsic Rowhammer PUFs: Leveraging the Rowhammer effect for improved security , 2017, 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[13]  Chris Fallin,et al.  Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors , 2014, 2014 ACM/IEEE 41st International Symposium on Computer Architecture (ISCA).

[14]  Stefan Mangard,et al.  DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks , 2015, USENIX Security Symposium.

[15]  Onur Mutlu,et al.  Vulnerabilities in MLC NAND Flash Memory Programming: Experimental Analysis, Exploits, and Mitigation Techniques , 2017, 2017 IEEE International Symposium on High Performance Computer Architecture (HPCA).

[16]  Herbert Bos,et al.  Flip Feng Shui: Hammering a Needle in the Software Stack , 2016, USENIX Security Symposium.