ImPress: Securing DRAM Against Data-Disturbance Errors via Implicit Row-Press Mitigation
- URL: http://arxiv.org/abs/2407.16006v1
- Date: Mon, 22 Jul 2024 19:20:14 GMT
- Title: ImPress: Securing DRAM Against Data-Disturbance Errors via Implicit Row-Press Mitigation
- Authors: Moinuddin Qureshi, Anish Saxena, Aamer Jaleel,
- Abstract summary: DRAM cells are susceptible to Data-Disturbance Errors (DDE)
Rowhammer is a well-known DDE vulnerability that occurs when a row is repeatedly activated.
Row-Press (RP) is a new DDE vulnerability that occurs when a row is kept open for a long time.
- Score: 1.3921736520874155
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: DRAM cells are susceptible to Data-Disturbance Errors (DDE), which can be exploited by an attacker to compromise system security. Rowhammer is a well-known DDE vulnerability that occurs when a row is repeatedly activated. Rowhammer can be mitigated by tracking aggressor rows inside DRAM (in-DRAM) or at the Memory Controller (MC). Row-Press (RP) is a new DDE vulnerability that occurs when a row is kept open for a long time. RP significantly reduces the number of activations required to induce an error, thus breaking existing RH solutions. Prior work on Explicit Row-Press mitigation, ExPress, requires the memory controller to limit the maximum row-open-time, and redesign existing Rowhammer solutions with reduced Rowhammer threshold. Unfortunately, ExPress incurs significant performance and storage overheads, and being a memory controller-based solution, it is incompatible with in-DRAM trackers. In this paper, we propose Implicit Row-Press mitigation (ImPress), which does not restrict row-open-time, is compatible with memory controller-based and in-DRAM solutions and does not reduce the tolerated Rowhammer threshold. ImPress treats a row open for a specified time as equivalent to an activation. We design ImPress by developing a Unified Charge-Loss Model, which combines the net effect of both Rowhammer and Row-Press for arbitrary patterns. We analyze both controller-based (Graphene and PARA) and in-DRAM trackers (Mithril and MINT). We show that ImPress makes Rowhammer solutions resilient to Row-Press transparently, without affecting the Rowhammer threshold.
Related papers
- MOAT: Securely Mitigating Rowhammer with Per-Row Activation Counters [0.3580891736370874]
DDR5 specifications have been extended to support Per-Row Activation Counting (PRAC), with counters inlined with each row, and ALERT-Back-Off (ABO) to stop the memory controller if the DRAM needs more time to mitigate.
Although PRAC+ABO represents a strong advance in Rowhammer protection, they are just a framework, and the actual security is dependent on the implementation.
We propose MOAT, a provably secure design, which uses two internal thresholds: ETH, an "Eligibility Threshold" for mitigating a row, and ATH, an "ALERT Threshold" for initiating
arXiv Detail & Related papers (2024-07-13T20:28:02Z) - RowPress Vulnerability in Modern DRAM Chips [7.046976177695823]
We demonstrate RowPress, a DRAM read disturbance phenomenon different from the well-known RowHammer.
We experimentally characterize RowPress bitflips, showing their widespread existence in commodity off-the-shelf DDR4 DRAM chips.
We propose effective mitigation techniques that protect DRAM against both RowHammer and RowPress.
arXiv Detail & Related papers (2024-06-23T16:26:35Z) - LARM: Large Auto-Regressive Model for Long-Horizon Embodied Intelligence [68.27280750612204]
We introduce the large auto-regressive model (LARM) for embodied agents.
LARM uses both text and multi-view images as input and predicts subsequent actions in an auto-regressive manner.
Adopting a two-phase training regimen, LARM successfully harvests enchanted equipment in Minecraft.
arXiv Detail & Related papers (2024-05-27T17:59:32Z) - Probabilistic Tracker Management Policies for Low-Cost and Scalable Rowhammer Mitigation [5.597216094757414]
In recent years, solutions like TRR have been deployed in DDR4 DRAM to track aggressor rows and then issue a mitigative action by refreshing neighboring rows.
Such in-DRAM solutions are resource-constrained (only able to provision few tens of counters to track aggressor rows) and are prone to thrashing based attacks, that have been used to fool them.
In this work, we demonstrate secure and scalable rowhammer mitigation using resource-constrained trackers.
arXiv Detail & Related papers (2024-04-24T23:57:58Z) - AdvPrompter: Fast Adaptive Adversarial Prompting for LLMs [51.217126257318924]
We present a novel method that uses another Large Language Models, called the AdvPrompter, to generate human-readable adversarial prompts in seconds.
We train the AdvPrompter using a novel algorithm that does not require access to the gradients of the TargetLLM.
The trained AdvPrompter generates suffixes that veil the input instruction without changing its meaning, such that the TargetLLM is lured to give a harmful response.
arXiv Detail & Related papers (2024-04-21T22:18:13Z) - Leveraging Adversarial Detection to Enable Scalable and Low Overhead RowHammer Mitigations [5.767293823380473]
We tackle the performance overheads of RowHammer solutions by tracking the generators of memory accesses that trigger RowHammer solutions.
BreakHammer limits the number of on-the-fly requests a thread can inject into the memory system based on the thread's RowHammer likelihood.
arXiv Detail & Related papers (2024-04-20T22:09:38Z) - RelayAttention for Efficient Large Language Model Serving with Long System Prompts [59.50256661158862]
This paper aims to improve the efficiency of LLM services that involve long system prompts.
handling these system prompts requires heavily redundant memory accesses in existing causal attention algorithms.
We propose RelayAttention, an attention algorithm that allows reading hidden states from DRAM exactly once for a batch of input tokens.
arXiv Detail & Related papers (2024-02-22T18:58:28Z) - HiRE: High Recall Approximate Top-$k$ Estimation for Efficient LLM
Inference [68.59839755875252]
HiRE comprises of two novel components: (i) a compression scheme to cheaply predict top-$k$ rows/columns with high recall, followed by full computation restricted to the predicted subset, and (ii) DA-TOP-$k$: an efficient multi-device approximate top-$k$ operator.
We demonstrate that on a one billion parameter model, HiRE applied to both the softmax as well as feedforward layers, achieves almost matching pretraining and downstream accuracy, and speeds up inference latency by $1.47times$ on a single TPUv5e device.
arXiv Detail & Related papers (2024-02-14T18:04:36Z) - RowPress: Amplifying Read Disturbance in Modern DRAM Chips [7.046976177695823]
RowPress breaks memory isolation by keeping a DRAM row open for a long period of time.
In extreme cases, RowPress induces bitflips in a DRAM row when an adjacent row is activated only once.
Our detailed characterization of 164 real DDR4 DRAM chips shows that RowPress affects chips from all three major DRAM manufacturers.
arXiv Detail & Related papers (2023-06-29T16:09:56Z) - Recurrent Dynamic Embedding for Video Object Segmentation [54.52527157232795]
We propose a Recurrent Dynamic Embedding (RDE) to build a memory bank of constant size.
We propose an unbiased guidance loss during the training stage, which makes SAM more robust in long videos.
We also design a novel self-correction strategy so that the network can repair the embeddings of masks with different qualities in the memory bank.
arXiv Detail & Related papers (2022-05-08T02:24:43Z) - Red Alarm for Pre-trained Models: Universal Vulnerability to
Neuron-Level Backdoor Attacks [98.15243373574518]
Pre-trained models (PTMs) have been widely used in various downstream tasks.
In this work, we demonstrate the universal vulnerability of PTMs, where fine-tuned PTMs can be easily controlled by backdoor attacks.
arXiv Detail & Related papers (2021-01-18T10:18:42Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.