Homework9_Solution (1)

School: Rutgers University
Course: 446
Subject: Computer Science
Date: Jan 9, 2024


Uploaded by dan47433

ECE 446/579:04 (Spring 2023) Homework #9 Solution

1. (DRAM and Rowhammer Attack Basics) In Lecture 9 we mainly discussed rowhammer attacks on DRAMs. Please answer the following questions:
a. What is DRAM and how does it work as the main memory to store bits 0 or 1?
b. What is a rowhammer attack and how does it work to flip bits in DRAM?

Solution:
a. See example from Page 6-20 in Slides at https://speakerdeck.com/burnflare/row-hammer-papers-we-love Each DRAM cell consists of one transistor and one capacitor. The bit 0 or 1 is stored as a charge at the capacitor, which is controlled by the charging/discharging process related to the wordline, bitline, and the transistor.
b. A row hammer attack keeps opening/closing one row of the DRAM, which causes some charges of the capacitors to leak to the neighboring rows.

2. (Rowhammer Attack) In the lecture we discussed the following two code snippets regarding rowhammer attack from paper “Y. Kim et al., Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors, pp. 361-372, ISCA 2014”: where code1a would cause bit flips while code1b would not. Please explain the following:
a. What is the role of the clflush instructions in code1a?
b. Why would code1a cause bit flips while code1b would not?

Solution:
a. Flush the cache.
b. Code 1a accesses two different rows on the same bank, which would cause repeated opening/closing of both rows and result in RowHammer effects. Code 1b only accesses one row, and the row would only be opened/closed once (because of the row buffer) and thus would not cause RowHammer effects. (Read Section 4 of the paper for details.)

3. (Privilege Escalation Attack) In the lecture we discussed a privilege escalation attack by applying rowhammer on page table entries (PTEs), in which the attacker could gain root access to the entire memory. Please discuss how such a privilege escalation attack works and what is the key property that leads to the success of the attack.

Solution:
In the privilege escalation attack, the attacker conducts a RowHammer attack to induce bit flips in the physical address of a page table entry (PTE). The flipped physical address may then point to another PTE, to which the attacker would be able to gain read & write access. By manipulating that PTE, the attacker can in turn gain access to any arbitrary location of the main memory and thus take control over the entire memory. The key property that leads to the success of the attack is the “self-reference” from one PTE to another PTE. This ensures that the attacker gains read & write access to the latter PTE, which is the root cause of the access to the entire memory.

4. (Rowhammer Attack Countermeasures) We discussed the ASPLOS’19 paper: “Xin-Chuan Wu, et al., Protecting Page Tables from RowHammer Attacks using Monotonic Pointers in DRAM True-Cells, ASPLOS 2019”.
a. What does a monotonic pointer refer to in the paper, and how does the proposed approach implement it?
b. Please describe how monotonic pointers (together with other necessary operations) help defend against rowhammer attack (i.e., how does it break the “key property” you described in Question 3).

Solution:
a. It means that, under the RowHammer attack, the physical address in a victim PTE would point to a lower address space than the PTE itself. This is achieved by using true-cells to host the PTEs, in which the bits can only turn from 1 to 0 under a RowHammer attack.
b. The paper proposes to use a water mark to split the PTEs and the regular data objects in the main memory. The regular data objects are below the water mark, and the PTEs are above the water mark. In this way, the monotonic pointers implemented for the PTEs would have a high chance to point to the regular data objects below the water mark, instead of other PTEs. Therefore, the key property required by the privilege escalation attack, i.e., self-reference from one PTE to another PTE, would be broken.

5. (Rowhammer Attack Countermeasures) Please suggest 1 or 2 other countermeasures to defend against rowhammer attacks, in addition to the approach discussed in Question 4.

Solution:
Increasing the refresh frequency, adjacent row activation, etc., as discussed in Section 8 of the RowHammer paper.
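The following added example (not part of the original homework or of the ASPLOS'19 paper's code) models the defense from Question 4: it enumerates the frame numbers a data-pointing PTE can turn into under 1-to-0 flips (true-cells) versus 0-to-1 flips (anti-cells) and counts how many could land in the page-table region above the water mark. The 20-bit frame-number width, the water mark value, the two-flip budget and the sample PTE values are assumptions constructed for illustration.

```python
from itertools import combinations

PFN_BITS = 20        # assumed width of the PTE's frame-number field (constructed)
WATERMARK = 0xF0000  # assumed: frames >= WATERMARK hold page tables, frames below hold data

def reachable(pfn, max_flips, direction):
    """Frame numbers a PTE can become after 1..max_flips disturbance errors.

    "1to0" models true-cells (leaked charge clears bits);
    "0to1" models anti-cells (leaked charge sets bits).
    """
    want = 1 if direction == "1to0" else 0
    flippable = [b for b in range(PFN_BITS) if (pfn >> b) & 1 == want]
    out = set()
    for k in range(1, max_flips + 1):
        for bits in combinations(flippable, k):
            mask = sum(1 << b for b in bits)
            out.add(pfn ^ mask)
    return out

def self_reference_targets(pfn, max_flips, direction):
    """Flipped values that land in the page-table region, i.e. the
    PTE-to-PTE self-reference the privilege escalation depends on."""
    return {v for v in reachable(pfn, max_flips, direction) if v >= WATERMARK}

def audit(data_pfns, max_flips=2):
    """Per cell type, count data-pointing PTEs that could be redirected to a page table."""
    return {
        direction: sum(
            1 for pfn in data_pfns
            if self_reference_targets(pfn, max_flips, direction))
        for direction in ("1to0", "0to1")
    }

# Constructed sample: leaf PTEs pointing at ordinary data frames below the water mark.
SAMPLE_DATA_PFNS = [0x00123, 0x7FFFF, 0xE0000, 0xEFFFF, 0xB4C21]

if __name__ == "__main__":
    for pfn in SAMPLE_DATA_PFNS:
        # Monotonic pointer: in true-cells every flipped value is strictly lower.
        assert all(v < pfn for v in reachable(pfn, 2, "1to0"))
    print(audit(SAMPLE_DATA_PFNS))
```

In this simplified model only PTEs that already point below the water mark are considered, which is the case the monotonic property fully protects.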