HammerScope: Observing DRAM Power Consumption Using Rowhammer

Yaakov Cohen, Kevin Sam Tharayil, Daniel Genkin, Angelos D. Keromytis, Yossi Oren, Yuval Yarom

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

The constant reduction in memory cell sizes has increased memory density and reduced power consumption, but has also affected its reliability. The Rowhammer attack exploits this reduced reliability to induce bit flips in memory, without directly accessing these bits. Most Rowhammer attacks target software integrity, but some recent attacks demonstrated its use for compromising confidentiality. Continuing this trend, in this paper we observe that the rh attack strongly correlates with the memory instantaneous power consumption. We exploit this observation to design HammerScope, a Rowhammer-based attack technique for measuring the power consumption of the memory unit. Because the power consumption correlates with the level of activity of the memory, hs allows an attacker to infer memory activity. To demonstrate the offensive capabilities of HammerScope, we use it to mount three information leakage attacks. We first show that hs can be used to break kernel address-space layout randomization (KASLR). Our second attack uses memory activity as a covert channel for a Spectre attack, allowing us to leak information from the operating system kernel. Finally, we demonstrate the use of HammerScope for performing website fingerprinting, compromising user privacy. Our work demonstrates the importance of finding systematic solutions for Rowhammer attacks.

Original languageAmerican English
Title of host publicationCCS 2022 - Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security
Pages547-561
Number of pages15
ISBN (Electronic)9781450394505
DOIs
StatePublished - 7 Nov 2022
Event28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022 - Los Angeles, United States
Duration: 7 Nov 202211 Nov 2022

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security

Conference

Conference28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022
Country/TerritoryUnited States
CityLos Angeles
Period7/11/2211/11/22

Keywords

  • rowhammer
  • side-channel attack

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications

Cite this