Epistemology of Rowhammer Attacks: Threats to Rowhammer Research Validity
Abstract
This paper systematically analyzes 32 offensive Rowhammer papers, including 48 experiments. However, we avoid finger-pointing but identify 6 threats to the validity and relevance of Rowhammer research results and give multiple examples. The threats include small sample sizes, over-estimated attacker capabilities, unrealistic attack scenarios, non-comparability of the results, age and wear of hardware, and sub-optimal attack performance metrics. Additionally, we provide recommendations with detailed justification to the scientific community to mitigate those threats: (1) pre-experimental testing of DIMM integrity, (2) increasing and broadening the DIMM sample size, (3) expanding reproduction studies of published work, (4) defining attacks in real-world conditions and distinguishing them from theoretical ones, (5) publishing DIMM manufacturing data, (6) documenting DIMM wear and, (7) leveraging multiple metrics for bit flip evaluations.
Mehr zum Titel
| Titel | Epistemology of Rowhammer Attacks: Threats to Rowhammer Research Validity |
|---|---|
| Medien | 30th European Symposium on Research in Computer Security (ESORICS) |
| Verlag | --- |
| Heft | --- |
| Band | --- |
| ISBN | --- |
| Verfasser/Herausgeber | Martin Heckel, Hannes Weissteiner, Prof. Dr. Florian Adamsky, Prof. Dr. Daniel Gruss |
| Seiten | --- |
| Veröffentlichungsdatum | 2025-06-22 |
| Projekttitel | --- |
| Zitation | Heckel, Martin; Weissteiner, Hannes; Adamsky, Florian; Gruss, Daniel (2025): Epistemology of Rowhammer Attacks: Threats to Rowhammer Research Validity. 30th European Symposium on Research in Computer Security (ESORICS). |