Rowhammer attacks threaten our devices

The Rowhammer vulnerability is a common defect in existing DRAM chips that lets adversaries trigger bit flips in memory they are not permitted to write, simply by accessing adjacent rows of memory cells at high frequency. By carefully exploiting a single bit flip, an attacker may eventually be able to leak sensitive data structures (e.g. page tables, cryptographic keys, object pointers, or even opcodes and instructions in a program), bypassing all current defenses.

Those targeted data structures may reside in the kernel, in other virtual machines or on remote systems. Such attacks may be launched from native code, JavaScript, co-processors such as GPUs, or even DMA units. In Rowhammer attacks, adversaries exploit these bit flips to escalate privileges, weaken cryptographic keys, compromise remote systems, or cause a denial of service that locks down the processor.

The story began in 2014, when researchers showed that it is feasible to flip bits in DDR3 memory on x86 CPUs simply by accessing other parts of memory. Since then, several research works have shown that Rowhammer can be exploited in the real world on many systems. The first practical Rowhammer-based privilege escalation attack, demonstrated on the x86 architecture with DDR3 memory, hammered memory rows and obtained access to privileged pages by flipping bits in page table entries. Thereafter, research on Rowhammer attacks expanded and proved that it can be realized from different forms of local code execution, such as JavaScript (allowing a malicious web page to obtain arbitrary read/write access to the browser's address space). Later research has shown that ARM processors and DDR4 memory are vulnerable as well. Most recently, research has gone a step further and demonstrated that Rowhammer attacks can be launched remotely against servers by sending traffic over a high-speed network to a victim process: using RDMA NICs, attackers can flip bits in the server, manipulate data in a key-value store and eventually compromise the server process. As a consequence, Rowhammer attacks have become a serious and very practical attack vector that threatens PCs, VMs in clouds, and mobile phones, targeting the most popular architectures in common computing environments and different types of memory under common threat models.

Hardware-based defenses against Rowhammer attacks have proved impractical to apply to the billions of devices already in operation. They fall into three categories: i) refresh rate boosting, ii) Target Row Refresh (TRR), and iii) error correcting codes. Refresh rate boosting cannot fully counter Rowhammer attacks without unacceptable performance loss and increased power consumption. TRR is more effective, but not widely deployed. Error Correcting Codes (ECC) cannot stop sophisticated attacks that flip multiple bits per memory word, and ECC memory is unavailable in most consumer devices.

Software-based defenses may also be considered ineffective. Existing software-based defenses are divided into primitive weakening, detection, and isolation. Primitive weakening may hinder a Rowhammer attack in some ways, but cannot totally prevent it. Detection-based defenses use heuristics to catch the attack; nonetheless, hardware performance counters are not available on all CPUs and cannot stop attacks that do not trigger unusual cache behaviour or that are launched from unmonitored devices.

Isolation defenses separate the memory of different security domains with unused guard rows that absorb bit flips. Unfortunately, such defenses may still leave opportunities to flip bits in sensitive memory and mount devastating attacks.

Radhesh Krishnan Konoth, Marco Oliverio, Andrei Tatar, Dennis Andriesse, Herbert Bos, Cristiano Giuffrida and Kaveh Razavi, in their research work “ZebRAM: Comprehensive and Compatible Software Protection Against Rowhammer Attacks”, propose a novel and comprehensive software-based approach to protect against Rowhammer attacks. ZebRAM isolates every DRAM row that contains data with guard rows that effectively absorb any Rowhammer-induced bit flips that may occur (much like the black-and-white stripes of a zebra). The ZebRAM approach has been evaluated in terms of security (against both traditional exploits and more advanced, ZebRAM-aware double-sided Rowhammer exploits) and performance (across a variety of benchmark suites and workloads).

Apart from the authors’ ZebRAM implementation, alternative ZebRAM implementations are also possible. Along this line, the authors compare their implementation to alternative hardware-based, OS-based, and guest-transparent virtualization-based implementations. Ultimately, the ZebRAM software defense has proved to be a strong defense against Rowhammer attacks, utilizing all of memory at a cost that is a function of the workload. ZebRAM is open source, so it can support future work.
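The zebra striping described above, as an added toy model that is not the authors' code: DRAM is reduced to a list of rows where hammering row r flips one bit in rows r-1 and r+1 (a constructed simplification of real address mappings, which ZebRAM reverse-engineers and this model skips); with even rows holding data and odd rows left as guards, every flip an attacker can cause lands in a guard row.

```python
"""Toy model of ZebRAM's zebra-striped row layout (added illustration, not the paper's code).

Constructed assumptions: DRAM row i is adjacent only to rows i-1 and i+1, and hammering
row r flips one bit in each adjacent row. Real DRAM address mappings are more complex
(ZebRAM reverse-engineers them); this model deliberately skips that step.
"""
import random

ROWS = 16          # constructed toy DRAM size
ROW_BYTES = 8      # constructed toy row size
PATTERN = 0xA5     # constructed fill pattern used to detect corruption


def neighbours(row):
    """Rows physically adjacent to `row` in this toy model."""
    return [v for v in (row - 1, row + 1) if 0 <= v < ROWS]


def hammer(dram, row, rng):
    """Model a hammer on `row`: flip one random bit in each adjacent row."""
    for v in neighbours(row):
        bit = rng.randrange(ROW_BYTES * 8)
        dram[v][bit // 8] ^= 1 << (bit % 8)


def flat_layout():
    """Conventional layout: every row holds data an attacker may own."""
    return list(range(ROWS))


def zebra_layout():
    """ZebRAM layout: even rows hold data, odd rows are unused guard rows."""
    return [r for r in range(ROWS) if r % 2 == 0]


def corrupted_data_rows(data_rows, seed=1):
    """Fill the data rows, hammer every row the attacker can address (only data rows),
    and return how many *data* rows ended up corrupted. Flips in guard rows are
    harmless because no data lives there."""
    rng = random.Random(seed)
    dram = [bytearray(ROW_BYTES) for _ in range(ROWS)]
    for r in data_rows:
        dram[r][:] = bytes([PATTERN]) * ROW_BYTES
    for r in data_rows:
        hammer(dram, r, rng)
    return sum(1 for r in data_rows if any(b != PATTERN for b in dram[r]))


if __name__ == "__main__":
    print("flat layout, corrupted data rows:", corrupted_data_rows(flat_layout()))
    print("zebra layout, corrupted data rows:", corrupted_data_rows(zebra_layout()))
```

In the flat layout the edge rows receive exactly one flip each, so at least two data rows are always corrupted; in the zebra layout the count is zero regardless of the seed, which is the property the guard rows buy at the price of half the addressable rows.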