CRII: SaTC: Rowhammer Attack on Fresh and Recycled Memory Chips: Security Risks and Defenses

CRII：SaTC：对新鲜和回收内存芯片的 Rowhammer 攻击：安全风险和防御

• 批准号: 2214108
• 负责人: Md Rahman
• 金额: $ 17.5万
• 依托单位: Florida International University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2021
• 资助国家: 美国
• 起止时间: 2021-10-01 至 2025-02-28
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2214108&HistoricalAwards=false
• 关键词: CRII; SaTC; Rowhammer; Attack; Fresh

Rowhammer is a software-assisted cyber attack that causes malicious changes to the target memory cells of dynamic random-access memory (DRAM) due to charge leakage, by crafting memory access patterns which rapidly access the same row multiple times. This research focuses on proper hardware characterization towards a Rowhammer-resistant memory system. This characterization will also inform whether Rowhammer susceptibility increases with aging, and if so, will enable a method for detecting recycled chips.The research will (i) identify the Rowhammer-prone memory cells through hardware characterization, (ii) develop a low-cost system-level technique to build a Rowhammer-resistant memory system, (iii) experimentally study the vulnerability of counterfeit (especially recycled) DRAM chips to Rowhammer, and (iv) develop a framework that identifies recycled DRAM chips, if a relationship between Rowhammer effectiveness and aging is found. The research findings and tools will be of high interest to the individual consumers, federal agencies, data centers, healthcare, enterprise, and automobile systems, that are the targets of Rowhammer attacker. The cross-cutting nature of this research will broaden the advancement of knowledge in the field of computer systems, security, and reliability and will enable collaboration between various communities (systems/device/reliability/hardware-security/algorithms). The graduate and undergraduate students working on this project will receive training and grow expertise in the related fields. The research findings will also be used in existing and new graduate/undergraduate courses on hardware-security for training and education.All publicly released data, source codes, and peer-reviewed research articles will be made available during the period of performance and afterward, and will be posted at https://www.trust-hub.org/data and http://webpages.uah.edu/~mtr0011.This award is jointly funded by the Division of Computer and Network Systems in the Directorate for Computer & Information Science & Engineering and the Established Program to Stimulate Competitive Research in the Office of Integrative Activities.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

Rowhammer是一种软件辅助的网络攻击，通过制作多次快速访问同一行的存储器访问模式，由于电荷泄漏，导致动态随机存取存储器（DRAM）的目标存储单元发生恶意更改。本研究的重点是适当的硬件表征对Rowhammer耐内存系统。该表征还将告知Rowhammer敏感性是否随着老化而增加，如果是这样，将实现检测回收芯片的方法。该研究将（i）通过硬件表征识别Rowhammer倾向的存储单元，（ii）开发低成本的系统级技术来构建Rowhammer抗性存储系统，（iii）实验研究伪造的脆弱性，（特别是回收的）DRAM芯片，以及（iv）开发一个框架，识别回收的DRAM芯片，如果发现Rowhammer有效性和老化之间的关系。研究结果和工具将引起个人消费者，联邦机构，数据中心，医疗保健，企业和汽车系统的高度兴趣，是Rowhammer攻击者的目标这项研究的跨领域性质将扩大计算机系统，安全性和可靠性领域的知识进步，并将使各种社区（系统/设备/可靠性/硬件安全/算法）之间的合作成为可能。从事该项目的研究生和本科生将接受培训，并在相关领域发展专业知识。研究成果也将用于现有的和新的研究生/本科生课程的硬件安全培训和教育。所有公开发布的数据，源代码和同行评审的研究文章将在性能期间和之后提供，并将张贴在https://www.trust-hub.org/data和http://webpages.uah.edu/~mtr0011.This奖是由计算机信息科学工程局计算机和网络系统部门&&和综合活动办公室的既定计划共同资助的。该奖项反映了NSF的法定基金会的使命是履行其使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评价，被认为值得支持。

项目成果

DRAM Retention Behavior with Accelerated Aging in Commercial Chips

商用芯片中加速老化的 DRAM 保留行为

• DOI: 10.3390/app12094332
• 发表时间: 2022
• 期刊: Applied Sciences
• 作者: Bepary, Md Kawser;Talukder, Bashir Mohammad;Rahman, Md Tauhidur
• 通讯作者: Rahman, Md Tauhidur

Utilization of Impedance Disparity Incurred from Switching Activities to Monitor and Characterize Firmware Activities

利用开关活动产生的阻抗差异来监控和表征固件活动

• DOI: 10.1109/paine56030.2022.10014924
• 发表时间: 2022
• 期刊: 2022 IEEE Physical Assurance and Inspection of Electronics (PAINE
• 作者: Awal, Md Sadik;Thompson, Christopher;Rahman, Md Tauhidur
• 通讯作者: Rahman, Md Tauhidur