Explore a comprehensive conference talk on TRRespass, a novel exploitation technique targeting the Target Row Refresh (TRR) mitigation in DRAM. Delve into the intricacies of DRAM architecture, memory request flow, and refresh mechanisms. Examine the Row Hammer vulnerability and its double-sided variant, along with hardware mitigations implemented to counter these attacks. Understand the goals, challenges, and building blocks of TRRespass, with detailed case studies focusing on specific vendors. Learn about the innovative RowFuzzer tool and its effectiveness in bypassing TRR protections. Analyze the exploitation potential and implications of this research for DRAM security. Gain valuable insights into cutting-edge memory security research and its real-world impact on hardware vulnerabilities.
TRRespass- Exploiting the Many Sides of Target Row Refresh
Overview
Syllabus
Teaser
Memory request flow
DRAM Refresh
Memory array
Read operation: Row 3
Row Hammer
Double-sided RowHammer
Hardware mitigations
Target Row Refresh
Goals
Challenges
Building blocks
Case study: Vendor C
Case study: Observations
TRRespass: The RowFuzzer
TRRespass: Results
Exploitation
Conclusion
Taught by
IEEE Symposium on Security and Privacy
