Exploiting Correcting Codes on the Effectiveness of ECC Memory Against Rowhammer Attacks

Explore the vulnerabilities of Error-Correcting Code (ECC) memory against Rowhammer attacks in this 20-minute conference talk presented at the 2019 IEEE Symposium on Security & Privacy. Delve into the challenges of assessing ECC's effectiveness as a defense mechanism, including the lack of detailed information on commodity system implementations and the limitations of existing exploitation techniques. Discover a novel approach that combines custom hardware probes, Rowhammer bit flips, and cold boot attacks to reverse engineer ECC functions on AMD and Intel processors. Learn about ECCploit, a new Rowhammer attack method that utilizes composable, data-controlled bit flips and exploits a previously unknown side channel in the ECC memory controller. Examine how ECCploit demonstrates that ECC memory, while reducing the attack surface, remains susceptible to reliable Rowhammer attacks across various systems and configurations. Gain insights into the practical power of ECCploit in mimicking prior Rowhammer exploits despite the constraints imposed by ECC memory.