In recent years, the ability to induce bit-flips in DRAM cells via software-only driven charge depletion has been successfully exploited to gain unauthorized privileged access to the functional resources on fixed and mobile computational platforms. The first crucial step in executing these attacks, collectively known as rowhammer attacks, concerns gaining the knowledge of how virtual memory addresses are mapped onto the geometric addresses of the physical DRAM module(s). We propose a methodology to reverse engineer such maps without direct physical probing of the DRAM bus of the target platform. We validate the correctness of the inferred maps against some publicly available data about modern Intel CPUs maps and show that they depend on the number of installed memory modules.

Software-only reverse engineering of physical dram mappings for rowhammer attacks

A. Barenghi;L. Breveglieri;IZZO, NICCOLO';G. Pelosi
2018

Abstract

In recent years, the ability to induce bit-flips in DRAM cells via software-only driven charge depletion has been successfully exploited to gain unauthorized privileged access to the functional resources on fixed and mobile computational platforms. The first crucial step in executing these attacks, collectively known as rowhammer attacks, concerns gaining the knowledge of how virtual memory addresses are mapped onto the geometric addresses of the physical DRAM module(s). We propose a methodology to reverse engineer such maps without direct physical probing of the DRAM bus of the target platform. We validate the correctness of the inferred maps against some publicly available data about modern Intel CPUs maps and show that they depend on the number of installed memory modules.
3rd IEEE International Verification and Security Workshop, IVSW 2018
978-1-5386-6544-2
978-1-5386-6545-9
File in questo prodotto:
File Dimensione Formato  
bbip_IVSW_2018.pdf

Accesso riservato

Descrizione: main article
: Post-Print (DRAFT o Author’s Accepted Manuscript-AAM)
Dimensione 1.79 MB
Formato Adobe PDF
1.79 MB Adobe PDF   Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/11311/1070246
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 10
  • ???jsp.display-item.citation.isi??? 5
social impact