pith. sign in

arxiv: 2605.17358 · v1 · pith:E62CYXSQnew · submitted 2026-05-17 · 💻 cs.CR

Loaded Dice: Solving the Non-Selection Problem for Scalable Probabilistic RowHammer Defense

Jeonghyun Woo , Junsu Kim , Aamer Jaleel , Prashant J. Nair This is my paper

Pith reviewed 2026-05-19 23:35 UTC · model grok-4.3

classification 💻 cs.CR
keywords RowHammerDRAM securityprobabilistic mitigationPRACmemory defensenon-selection problemAlert Back-Off
0
0 comments X

The pith

PrISM detects persistent RowHammer attacks by correlating reappearing sampled rows across mitigation windows, avoiding the global rate hikes that slow down normal memory traffic.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper establishes that probabilistic RowHammer defenses suffer from a non-selection problem at low activation thresholds, where hammered rows can repeatedly escape random sampling. To fix this, PrISM adds a small Sampled History Queue that stores recently sampled but unmitigated rows and triggers an extra mitigation only when the same row reappears. This intersection-based approach raises the mitigation rate selectively rather than uniformly, delivering near-zero slowdown at thresholds where prior methods incur double-digit penalties. The design requires no changes to the DRAM array and uses only a few hundred bytes of SRAM per bank.

Core claim

PrISM is an intersection-based probabilistic mitigation that correlates sampled rows across windows using a Sampled History Queue (SHQ). PrISM samples a few activation slots per window, stores sampled-but-unmitigated rows in the SHQ, and requests an additional mitigation through the existing Alert Back-Off protocol when a sampled row reappears in this history. This allows PrISM to increase mitigation only when persistent row activity is observed, without globally increasing the fixed mitigation rate.

What carries the argument

The Sampled History Queue (SHQ), a small buffer that stores addresses of sampled-but-unmitigated rows so that their reappearance can trigger targeted extra mitigations via the Alert Back-Off protocol.

If this is right

  • At a 500-activation threshold, average slowdown drops to 0.2 percent versus 14 percent for PRAC while using no per-row counters or DRAM array modifications.
  • At a 250-activation threshold, average slowdown falls from 10.7 percent with MINT to 1.5 percent, a 7.1 times improvement.
  • SRAM overhead stays at 625 bytes per bank, one to two orders of magnitude below prior secure counter-based defenses.
  • The method works with the existing JEDEC Alert Back-Off protocol without requiring new DRAM commands or timing changes.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same history-queue intersection idea could apply to other sampling-based defenses that must distinguish persistent threats from bursty but benign traffic.
  • Tuning the sampling rate and queue length jointly might allow further reduction in baseline mitigation rate for a given attack coverage target.
  • Because PrISM only adds mitigations on observed re-sampling, it may leave headroom for future lower thresholds as RowHammer vulnerability worsens with continued DRAM scaling.

Load-bearing premise

Reappearance of a row in the Sampled History Queue reliably signals a RowHammer attack instead of ordinary repeated accesses to the same row.

What would settle it

A benign workload that repeatedly accesses a small set of rows at a rate high enough to cause multiple samples within the SHQ window size but produces no RowHammer errors; if this workload triggers a measurable increase in mitigations or slowdown, the core detection premise fails.

Figures

Figures reproduced from arXiv: 2605.17358 by Aamer Jaleel, Jeonghyun Woo, Junsu Kim, Prashant J. Nair.

Figure 1
Figure 1. Figure 1: Performance overhead of PRAC [101] and MINT [72] under varying double-sided RowHammer thresholds (TRH-D). On high-memory-intensity workloads, PRAC incurs an average 21.8% slowdown due to updates to the activation counter on every activation. In contrast, MINT incurs only 1.4% overhead at TRH-D of 1000, but its slowdown increases to 17.5% at TRH-D of 250 as lower thresholds require more frequent mitigations… view at source ↗
Figure 2
Figure 2. Figure 2: Normalized performance of PRAC [101] across DDR5 interface speeds. At 3200 MT/s, PRAC incurs a 2.2% slowdown, which rises to 14% at 8000 MT/s due to amplified timing penalties at higher data rates. Area Overhead: PRAC also incurs notable area overhead because each row requires additional counter cells and update logic. An early Samsung DSAC work [27] estimates that these additions increase overall DRAM cor… view at source ↗
Figure 3
Figure 3. Figure 3: Design and operation of PrISM. In each mitigation window, PrISM [PITH_FULL_IMAGE:figures/full_fig_p004_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Sampled slots can cluster near adjacent-window boundaries, and all [PITH_FULL_IMAGE:figures/full_fig_p005_4.png] view at source ↗
Figure 6
Figure 6. Figure 6: Minimum Supported TRH-D of PrISM under the worst-case circular-X￾rows attack with varying SHQ size and W. Smaller W lowers the supported TRH-D at low SHQ capacities, but its benefit diminishes once the SHQ provides enough history for repeated samples to intersect with high probability. base threshold TbRH-D. In PrISM, however, a selected row may remain in the Pending Mitigation Queue (PMQ) until it is serv… view at source ↗
Figure 5
Figure 5. Figure 5: Minimum supported TRH-D of PrISM under the worst-case circular￾X-rows attack at W = 72, across sampled activation slots (R) and lookback windows (L). Larger R and L jointly increase the per-window mitigation probability, sharply lowering the supported TRH-D. Impact of W [PITH_FULL_IMAGE:figures/full_fig_p007_5.png] view at source ↗
Figure 7
Figure 7. Figure 7: Performance of PrISM at TRH-D of 250, 500, and 1000, compared to MINT [72] and PRAC [101]. MINT incurs low slowdown at higher TRH-D, but its slowdown increases as TRH-D drops because lower thresholds require more frequent fixed-rate RFMs to address the non-selection problem. PRAC incurs roughly 14% average slowdown across thresholds because its overhead is dominated by inflated timing parameters. In contra… view at source ↗
Figure 8
Figure 8. Figure 8: RFM frequency per tREFI per channel for PrISM, MINT, and PRAC. MINT requires more frequent fixed-rate RFMs as T [PITH_FULL_IMAGE:figures/full_fig_p009_8.png] view at source ↗
Figure 9
Figure 9. Figure 9: Performance impact of TRR rate for PrISM, PRAC, and MINT [PITH_FULL_IMAGE:figures/full_fig_p010_9.png] view at source ↗
Figure 10
Figure 10. Figure 10: Performance comparison of PrISM, MOAT [71], MoPAC [98], and Chronus [10]. MOAT incurs 14% slowdown from PRAC’s per-activation counter updates, while MoPAC’s slowdown grows at lower TRH-D due to more frequent sampled updates. PrISM incurs negligible slowdown (≤0.2%) at TRH-D ≥ 500 and only 1.5% at TRH-D of 250, comparable to Chronus without requiring per-row counters or DRAM core changes. C. Performance-De… view at source ↗
read the original abstract

DRAM scaling has exacerbated the RowHammer vulnerability. To counter this, JEDEC recently introduced Per Row Activation Counting (PRAC) with the Alert Back-Off protocol as an optional DDR5 feature. While promising, PRAC requires per-row counter cells that incur area overhead, and updating them on every activation lengthens DRAM timing parameters, degrading performance. Probabilistic mitigations such as MINT offer a lower-cost alternative by randomly selecting and mitigating rows within periodic mitigation windows. MINT is effective at higher thresholds (>= 1000), but at lower thresholds, it must raise its mitigation rate to overcome the non-selection problem, where heavily hammered rows can repeatedly escape sampling. This fixed-rate scaling reduces effective memory bandwidth even when no attack is present. To overcome this limitation, we propose PrISM, an intersection-based probabilistic mitigation that correlates sampled rows across windows using a Sampled History Queue (SHQ). PrISM samples a few activation slots per window, stores sampled-but-unmitigated rows in the SHQ, and requests an additional mitigation through the existing Alert Back-Off protocol when a sampled row reappears in this history. This allows PrISM to increase mitigation only when persistent row activity is observed, without globally increasing the fixed mitigation rate. At the threshold of 500, PrISM incurs a negligible 0.2% average slowdown compared to 14% for PRAC, with no DRAM array changes or per-row counters and only 625B of SRAM per bank, one to two orders of magnitude less than prior secure counter-based in-DRAM defenses. Compared to MINT, PrISM provides better scalability at low thresholds, reducing average slowdown from 10.7% to 1.5% at a threshold of 250, a 7.1x reduction. PrISM is open-sourced at https://github.com/STAR-Laboratory/prism.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 1 minor

Summary. The paper proposes PrISM, a probabilistic RowHammer mitigation for DRAM that solves the non-selection problem of prior schemes like MINT. It samples a small number of activations per mitigation window, stores unmitigated sampled rows in a Sampled History Queue (SHQ), and triggers an extra Alert Back-Off mitigation only when a row reappears in the SHQ. This allows low fixed mitigation rates while scaling to low activation thresholds (250-500). The abstract reports 0.2% average slowdown at threshold 500 (vs. 14% for PRAC) and 1.5% at threshold 250 (vs. 10.7% for MINT), using 625B SRAM per bank with no DRAM array changes or per-row counters. The implementation is open-sourced.

Significance. If the security and performance claims hold under realistic attack models, PrISM would be a significant practical advance: it achieves scalable probabilistic defense at low thresholds using only existing JEDEC Alert Back-Off mechanisms and minimal on-chip storage, avoiding the area and timing costs of PRAC-style per-row counters. The open-source release and concrete overhead numbers are strengths that support reproducibility and adoption in the RowHammer defense literature.

major comments (2)
  1. [Design and Evaluation] The central claim that SHQ reappearance reliably detects persistent hammering (and thereby solves non-selection without raising the baseline mitigation rate) rests on unverified assumptions about sampling coverage. The manuscript provides no analysis or experiments showing that the chosen per-window sampling rate and SHQ capacity (inferred ~625 B) guarantee re-sampling of a row activated at the target threshold before the attack succeeds, nor that benign locality patterns do not trigger excessive false-positive mitigations. This assumption is load-bearing for the scalability claims at thresholds of 250-500.
  2. [Evaluation] The reported performance numbers (0.2% slowdown at threshold 500, 1.5% at 250) are presented without any description of the simulation methodology, DRAM model, attack traces (including distributed or multi-row hammering), workload benchmarks, or sensitivity to the free parameters (sampling rate and SHQ size). Without these details the concrete overhead claims cannot be independently verified and the comparison to PRAC and MINT is not reproducible.
minor comments (1)
  1. The abstract states 'only 625B of SRAM per bank' but does not specify the exact SHQ organization (number of entries, bit width per entry) or how the size scales with bank count; a small table or equation clarifying this would improve clarity.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive and detailed feedback. We address each major comment below, providing clarifications on our design rationale and evaluation approach while committing to revisions that strengthen the manuscript's verifiability and reproducibility.

read point-by-point responses

  1. Referee: [Design and Evaluation] The central claim that SHQ reappearance reliably detects persistent hammering (and thereby solves non-selection without raising the baseline mitigation rate) rests on unverified assumptions about sampling coverage. The manuscript provides no analysis or experiments showing that the chosen per-window sampling rate and SHQ capacity (inferred ~625 B) guarantee re-sampling of a row activated at the target threshold before the attack succeeds, nor that benign locality patterns do not trigger excessive false-positive mitigations. This assumption is load-bearing for the scalability claims at thresholds of 250-500.

    Authors: We agree that explicit analysis of sampling coverage would strengthen the central claim. In the revised manuscript we will add a dedicated subsection deriving the re-sampling probability for a row activated at the target threshold (250–500 activations per window) under the chosen per-window sampling rate and SHQ capacity. We will also include new experiments that inject synthetic benign workloads with high row locality to measure false-positive mitigation rates. These additions will directly verify that reappearance in the SHQ occurs with high probability before an attack can succeed while keeping benign overhead low. revision: yes

  2. Referee: [Evaluation] The reported performance numbers (0.2% slowdown at threshold 500, 1.5% at 250) are presented without any description of the simulation methodology, DRAM model, attack traces (including distributed or multi-row hammering), workload benchmarks, or sensitivity to the free parameters (sampling rate and SHQ size). Without these details the concrete overhead claims cannot be independently verified and the comparison to PRAC and MINT is not reproducible.

    Authors: We acknowledge that the evaluation section would benefit from greater explicitness to support independent reproduction. The full manuscript already describes a cycle-accurate simulator extending Ramulator, SPEC CPU2006 and PARSEC workloads, and attack traces that include both single-row and distributed multi-row hammering. In the revision we will expand this section with: precise DRAM timing parameters, exact sampling rates and SHQ sizes for each threshold, sensitivity sweeps over these parameters, and additional distributed-attack results. We will also release the simulation configuration files and attack traces alongside the existing open-source code. revision: yes

Circularity Check

0 steps flagged

No significant circularity; PrISM is an independent design with empirical validation

full rationale

The paper presents PrISM as a new intersection-based probabilistic mitigation using a Sampled History Queue (SHQ) to address the non-selection problem in prior schemes like MINT. Central claims about slowdown reductions (e.g., 0.2% at threshold 500 vs. PRAC, 1.5% at 250 vs. MINT) are supported by simulation comparisons to external baselines, without any equations that define benefits in terms of parameters fitted from the same data or self-citations that serve as the sole load-bearing justification. The derivation chain relies on the proposed mechanism and reported experimental results rather than reducing to self-definitional constructs or imported uniqueness theorems.

Axiom & Free-Parameter Ledger

2 free parameters · 2 axioms · 1 invented entities

The central claim rests on standard RowHammer threat models and the availability of the Alert Back-Off protocol; introduces new SHQ structure whose effectiveness is evaluated only via simulation.

free parameters (2)
  • sampling rate per window
    Chosen to balance detection probability against performance overhead; value not stated in abstract.
  • SHQ size
    Determines how far back history is kept; affects both security coverage and storage cost.
axioms (2)
  • domain assumption RowHammer attacks manifest as repeated activations on the same row within a short time window
    Standard assumption in the RowHammer literature; invoked to justify why reappearance in SHQ indicates an attack.
  • domain assumption The existing Alert Back-Off protocol can be used to request additional mitigations without side effects
    Relies on JEDEC-defined DDR5 feature being present and usable for on-demand mitigation.
invented entities (1)
  • Sampled History Queue (SHQ) no independent evidence
    purpose: Store sampled rows across mitigation windows to enable intersection detection of persistent hammering
    New data structure proposed in this work; no independent evidence provided beyond the paper's own simulations.

pith-pipeline@v0.9.0 · 5886 in / 1596 out tokens · 31949 ms · 2026-05-19T23:35:08.419628+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

What do these tags mean?
matches
The paper's claim is directly supported by a theorem in the formal canon.
supports
The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends
The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses
The paper appears to rely on the theorem as machinery.
contradicts
The paper's claim conflicts with a theorem or certificate in the canon.
unclear
Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

119 extracted references · 119 canonical work pages

  1. [1]

    UBC Advanced Research Computing,

    “UBC Advanced Research Computing, ”UBC ARC Sockeye.” UBC Advanced Research Computing, 2019, doi: 10.14288/SOCKEYE.”

    work page doi:10.14288/sockeye 2019

  2. [2]

    (2024) AMD EPYC 9965 Processor

    AMD. (2024) AMD EPYC 9965 Processor. Accessed: 2025-11-

    work page 2024

  3. [3]

    Available: https://www.amd.com/en/products/processors/ server/epyc/9005-series/amd-epyc-9965.html

    [Online]. Available: https://www.amd.com/en/products/processors/ server/epyc/9005-series/amd-epyc-9965.html

    work page

  4. [4]

    Marionette: A rowhammer attack via row coupling,

    S. Baek, M. Wi, S. Park, H. Nam, M. J. Kim, N. S. Kim, and J. H. Ahn, “Marionette: A rowhammer attack via row coupling,” inProceedings of the 30th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 1, ser. ASPLOS ’25. New York, NY , USA: Association for Computing Machinery, 2025, p. 637–652. [Onli...

    work page doi:10.1145/3669940.3707242 2025

  5. [5]

    Cacti 7: New tools for interconnect exploration in innovative off-chip memories,

    R. Balasubramonian, A. B. Kahng, N. Muralimanohar, A. Shafiee, and V . Srinivas, “Cacti 7: New tools for interconnect exploration in innovative off-chip memories,”ACM Trans. Archit. Code Optim., vol. 14, no. 2, Jun. 2017. [Online]. Available: https: //doi.org/10.1145/3085572

    work page doi:10.1145/3085572 2017

  6. [6]

    A systematic study of ddr4 dram faults in the field,

    M. V . Beigi, Y . Cao, S. Gurumurthi, C. Recchia, A. Walton, and V . Sridharan, “A systematic study of ddr4 dram faults in the field,” in 2023 IEEE International Symposium on High-Performance Computer Architecture (HPCA), 2023, pp. 991–1002

    work page 2023

  7. [7]

    Panopticon: A complete in-dram rowhammer mitigation,

    T. Bennett, S. Saroiu, A. Wolman, and L. Cojocar, “Panopticon: A complete in-dram rowhammer mitigation,” inWorkshop on DRAM Security (DRAMSec), 2021. 13

    work page 2021

  8. [8]

    Understanding and mitigating covert channel and side channel vulnerabilities introduced by rowhammer defenses,

    F. N. Bostancı, O. Canpolat, A. Olgun, I. E. Y ¨uksel, K. Kanellopoulos, M. Sadrosadati, A. G. Ya ˘glıkc ¸ı, and O. Mutlu, “Understanding and mitigating covert channel and side channel vulnerabilities introduced by rowhammer defenses,” inProceedings of the 58th IEEE/ACM International Symposium on Microarchitecture, ser. MICRO ’25. New York, NY , USA: Asso...

    work page doi:10.1145/3725843 2025

  9. [9]

    Comet: Count-min- sketch-based row tracking to mitigate rowhammer at low cost,

    F. N. Bostanci, I. E. Y ¨uksel, A. Olgun, K. Kanellopoulos, Y . C. Tu˘grul, A. G. Ya ˘glic ¸i, M. Sadrosadati, and O. Mutlu, “Comet: Count-min- sketch-based row tracking to mitigate rowhammer at low cost,” in 2024 IEEE International Symposium on High-Performance Computer Architecture (HPCA), 2024, pp. 593–612

    work page 2024

  10. [10]

    Breakhammer: Enhancing rowhammer mitigations by carefully throttling suspect threads,

    O. Canpolat, A. G. Ya ˘glıkc ¸ı, A. Olgun, I. E. Yuksel, Y . C. Tu ˘grul, K. Kanellopoulos, O. Ergin, and O. Mutlu, “Breakhammer: Enhancing rowhammer mitigations by carefully throttling suspect threads,” in 2024 57th IEEE/ACM International Symposium on Microarchitecture (MICRO), 2024, pp. 915–934

    work page 2024

  11. [11]

    Chronus: Understanding and securing the cutting-edge industry solutions to dram read disturbance,

    O. Canpolat, A. G. Ya ˘glıkc ¸ı, G. F. Oliveira, A. Olgun, N. Bostancı, I. E. Yuksel, H. Luo, O. Ergin, and O. Mutlu, “Chronus: Understanding and securing the cutting-edge industry solutions to dram read disturbance,” in2025 IEEE International Symposium on High Performance Com- puter Architecture (HPCA), 2025, pp. 887–905

    work page 2025

  12. [12]

    Chronus: Understanding and securing the cutting-edge industry solutions to dram read disturbance,

    O. Canpolat, A. G. Ya ˘glıkc ¸ı, G. F. Oliveira, A. Olgun, N. Bostancı, ˙Ismail Emir Y ¨uksel, H. Luo, O. Ergin, and O. Mutlu, “Chronus: Understanding and securing the cutting-edge industry solutions to dram read disturbance,” 2025. [Online]. Available: https://arxiv.org/ abs/2502.12650

    work page arXiv 2025

  13. [13]

    Prisonbreak: Jailbreaking large language models with fewer than twenty-five targeted bit-flips,

    Z. Coalson, J. Woo, S. Chen, Y . Sun, L. Yang, P. Nair, B. Fang, and S. Hong, “Prisonbreak: Jailbreaking large language models with fewer than twenty-five targeted bit-flips,” 2024. [Online]. Available: https://arxiv.org/abs/2412.07192

    work page arXiv 2024

  14. [14]

    Exploiting correct- ing codes: On the effectiveness of ecc memory against rowhammer attacks,

    L. Cojocar, K. Razavi, C. Giuffrida, and H. Bos, “Exploiting correct- ing codes: On the effectiveness of ecc memory against rowhammer attacks,” in2019 IEEE Symposium on Security and Privacy (SP), 2019, pp. 55–71

    work page 2019

  15. [15]

    Benchmarking cloud serving systems with ycsb,

    B. F. Cooper, A. Silberstein, E. Tam, R. Ramakrishnan, and R. Sears, “Benchmarking cloud serving systems with ycsb,” inProceedings of the 1st ACM Symposium on Cloud Computing, ser. SoCC ’10. New York, NY , USA: Association for Computing Machinery, 2010, p. 143–154. [Online]. Available: https://doi.org/10.1145/1807128.1807152

    work page doi:10.1145/1807128.1807152 2010

  16. [16]

    Spec cpu2006 benchmark suite,

    S. P. E. Corporation, “Spec cpu2006 benchmark suite,” 2006. [Online]. Available: http://www.spec.org/cpu2006/

    work page 2006

  17. [17]

    SMASH: Synchronized many-sided rowhammer attacks from JavaScript,

    F. de Ridder, P. Frigo, E. Vannacci, H. Bos, C. Giuffrida, and K. Razavi, “SMASH: Synchronized many-sided rowhammer attacks from JavaScript,” in30th USENIX Security Symposium (USENIX Security 21). USENIX Association, Aug. 2021, pp. 1001–1018. [Online]. Available: https://www.usenix.org/conference/ usenixsecurity21/presentation/ridder

    work page 2021

  18. [18]

    Safe- guard: Reducing the security risk from row-hammer via low-cost integrity protection,

    A. Fakhrzadehgan, Y . N. Patt, P. J. Nair, and M. K. Qureshi, “Safe- guard: Reducing the security risk from row-hammer via low-cost integrity protection,” in2022 IEEE International Symposium on High- Performance Computer Architecture (HPCA), 2022, pp. 373–386

    work page 2022

  19. [19]

    Apache hadoop

    A. Foundation, “Apache hadoop.” [Online]. Available: http://hadoop. apache.org/

    work page

  20. [20]

    Trrespass: Exploiting the many sides of target row refresh,

    P. Frigo, E. Vannacc, H. Hassan, V . v. der Veen, O. Mutlu, C. Giuffrida, H. Bos, and K. Razavi, “Trrespass: Exploiting the many sides of target row refresh,” in2020 IEEE Symposium on Security and Privacy (SP), 2020, pp. 747–762

    work page 2020

  21. [21]

    Mediabench ii video: Expediting the next generation of video systems research,

    J. E. Fritts, F. W. Steiling, J. A. Tucek, and W. Wolf, “Mediabench ii video: Expediting the next generation of video systems research,” Microprocess. Microsyst., vol. 33, no. 4, p. 301–318, Jun. 2009. [Online]. Available: https://doi.org/10.1016/j.micpro.2009.02.010

    work page doi:10.1016/j.micpro.2009.02.010 2009

  22. [22]

    Another flip in the wall of rowhammer defenses,

    D. Gruss, M. Lipp, M. Schwarz, D. Genkin, J. Juffinger, S. O’Connell, W. Schoechl, and Y . Yarom, “Another flip in the wall of rowhammer defenses,” in2018 IEEE Symposium on Security and Privacy (SP), 2018, pp. 245–261

    work page 2018

  23. [23]

    Rowhammer.js: A remote software-induced fault attack in javascript,

    D. Gruss, C. Maurice, and S. Mangard, “Rowhammer.js: A remote software-induced fault attack in javascript,” inProceedings of the 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment - Volume 9721, ser. DIMV A 2016. Berlin, Heidelberg: Springer-Verlag, 2016, p. 300–321. [Online]. Available: https://doi.org/10.1...

    work page doi:10.1007/978-3-319-40667-1 2016

  24. [24]

    Self-managing dram: a low-cost framework for enabling autonomous and efficient dram maintenance operations,

    H. Hassan, A. Olgun, A. G. Ya ˘glıkc ¸ı, H. Luo, O. Mutlu, and E. Zurich, “Self-managing dram: a low-cost framework for enabling autonomous and efficient dram maintenance operations,” in2024 57th IEEE/ACM International Symposium on Microarchitecture (MICRO). IEEE, 2024, pp. 949–965

    work page 2024

  25. [25]

    Crow: a low-cost substrate for improving dram performance, energy efficiency, and reliability,

    H. Hassan, M. Patel, J. S. Kim, A. G. Yaglikci, N. Vijaykumar, N. M. Ghiasi, S. Ghose, and O. Mutlu, “Crow: a low-cost substrate for improving dram performance, energy efficiency, and reliability,” inProceedings of the 46th International Symposium on Computer Architecture, ser. ISCA ’19. New York, NY , USA: Association for Computing Machinery, 2019, p. 12...

    work page doi:10.1145/3307650.3322231 2019

  26. [26]

    Uncovering in-dram rowhammer protection mechanisms:a new methodology, custom rowhammer patterns, and implications,

    H. Hassan, Y . C. Tugrul, J. S. Kim, V . van der Veen, K. Razavi, and O. Mutlu, “Uncovering in-dram rowhammer protection mechanisms:a new methodology, custom rowhammer patterns, and implications,” inMICRO-54: 54th Annual IEEE/ACM International Symposium on Microarchitecture, ser. MICRO ’21. New York, NY , USA: Association for Computing Machinery, 2021, p....

    work page doi:10.1145/3466752.3480110 2021

  27. [27]

    Terminal brain damage: Exposing the graceless degradation in deep neural networks under hardware fault attacks,

    S. Hong, P. Frigo, Y . Kaya, C. Giuffrida, and T. Dumitras, “Terminal brain damage: Exposing the graceless degradation in deep neural networks under hardware fault attacks,” in28th USENIX Security Symposium (USENIX Security 19). Santa Clara, CA: USENIX Association, Aug. 2019, pp. 497–514. [Online]. Available: https://www.usenix.org/conference/usenixsecuri...

    work page 2019

  28. [28]

    Dsac: Low-cost rowhammer mitigation using in-dram stochastic and approximate counting algorithm,

    S. Hong, D. Kim, J. Lee, R. Oh, C. Yoo, S. Hwang, and J. Lee, “Dsac: Low-cost rowhammer mitigation using in-dram stochastic and approximate counting algorithm,”arXiv:2302.03591, 2023

    work page arXiv 2023

  29. [29]

    Gddrhammer: Greatly disturbing dram rows—cross- component rowhammer attacks from modern gpus,

    Y . Hu, N. Brown, Y . Chen, J. Bakita, T. Chen, D. Genkin, and A. Kwong, “Gddrhammer: Greatly disturbing dram rows—cross- component rowhammer attacks from modern gpus,” in2026 IEEE Symposium on Security and Privacy (SP), 2026

    work page 2026

  30. [30]

    (2026) Intel® Xeon® 6756P-B Processor Specifications

    Intel Corporation. (2026) Intel® Xeon® 6756P-B Processor Specifications. Accessed: 2026-05-01. [Online]. Available: https://www.intel.com/content/www/us/en/products/sku/245156/intel- xeon-6756pb-processor-256m-cache-2-20-ghz/specifications.html

    work page 2026

  31. [31]

    Probabilistic tracker management policies for low-cost and scalable rowhammer mitigation,

    A. Jaleel, S. W. Keckler, and G. Saileshwar, “Probabilistic tracker management policies for low-cost and scalable rowhammer mitigation,” arXiv:2404.16256, 2024

    work page arXiv 2024

  32. [32]

    Pride: Achieving secure rowhammer mitigation with low-cost in-dram track- ers,

    A. Jaleel, G. Saileshwar, S. W. Keckler, and M. Qureshi, “Pride: Achieving secure rowhammer mitigation with low-cost in-dram track- ers,” in2024 ACM/IEEE 51st Annual International Symposium on Computer Architecture (ISCA), 2024, pp. 1157–1172

    work page 2024

  33. [33]

    Sgx-bomb: Locking down the processor via rowhammer attack,

    Y . Jang, J. Lee, S. Lee, and T. Kim, “Sgx-bomb: Locking down the processor via rowhammer attack,” inProceedings of the 2nd Workshop on System Software for Trusted Execution, ser. SysTEX’17. New York, NY , USA: Association for Computing Machinery, 2017. [Online]. Available: https://doi.org/10.1145/3152701.3152709

    work page doi:10.1145/3152701.3152709 2017

  34. [34]

    Blacksmith: Scalable rowhammering in the frequency domain,

    P. Jattke, V . Van Der Veen, P. Frigo, S. Gunter, and K. Razavi, “Blacksmith: Scalable rowhammering in the frequency domain,” in 2022 IEEE Symposium on Security and Privacy (SP), 2022, pp. 716– 734

    work page 2022

  35. [35]

    ZenHammer: Rowhammer attacks on AMD zen-based platforms,

    P. Jattke, M. Wipfli, F. Solt, M. Marazzi, M. B ¨olcskei, and K. Razavi, “ZenHammer: Rowhammer attacks on AMD zen-based platforms,” in33rd USENIX Security Symposium (USENIX Security 24). Philadelphia, PA: USENIX Association, Aug. 2024, pp. 1615–1633. [Online]. Available: https://www.usenix.org/conference/ usenixsecurity24/presentation/jattke

    work page 2024

  36. [36]

    Ddr4 sdram standard (jesd79-4b),

    JEDEC, “Ddr4 sdram standard (jesd79-4b),” 2017

    work page 2017

  37. [37]

    (2024) JESD79-5C

    JEDEC. (2024) JESD79-5C. https://www.jedec.org/document search? search api views fulltext=jesd79-5c

    work page 2024

  38. [38]

    {ECC. fail}: Mounting rowhammer attacks on{DDR4} servers with{ECC}memory,

    N. Kamadan, W. Wang, S. van Schaik, C. Garman, D. Genkin, and Y . Yarom, “{ECC. fail}: Mounting rowhammer attacks on{DDR4} servers with{ECC}memory,” in34th USENIX Security Symposium (USENIX Security 25), 2025, pp. 5679–5698

    work page 2025

  39. [39]

    Minimalist open-page: a dram page-mode scheduling policy for the many-core era,

    D. Kaseridis, J. Stuecheli, and L. K. John, “Minimalist open-page: a dram page-mode scheduling policy for the many-core era,” in Proceedings of the 44th Annual IEEE/ACM International Symposium on Microarchitecture, ser. MICRO-44. New York, NY , USA: Association for Computing Machinery, 2011, p. 24–35. [Online]. Available: https://doi.org/10.1145/2155620.2155624

    work page doi:10.1145/2155620.2155624 2011

  40. [40]

    A robust random number generator based on a differential current-mode chaos,

    O. Katz, D. A. Ramon, and I. A. Wagner, “A robust random number generator based on a differential current-mode chaos,”IEEE Transac- 14 tions on Very Large Scale Integration (VLSI) Systems, vol. 16, no. 12, pp. 1677–1686, 2008

    work page 2008

  41. [41]

    Architectural support for mitigating row hammering in dram memories,

    D.-H. Kim, P. J. Nair, and M. K. Qureshi, “Architectural support for mitigating row hammering in dram memories,”IEEE Computer Architecture Letters, vol. 14, no. 1, pp. 9–12, 2015

    work page 2015

  42. [42]

    D-range: Using commodity dram devices to generate true random numbers with low latency and high throughput,

    J. S. Kim, M. Patel, H. Hassan, L. Orosa, and O. Mutlu, “D-range: Using commodity dram devices to generate true random numbers with low latency and high throughput,” in2019 IEEE International sym- posium on high performance computer architecture (HPCA). IEEE, 2019, pp. 582–595

    work page 2019

  43. [43]

    Revisiting rowhammer: an experimental analysis of modern dram devices and mitigation techniques,

    J. S. Kim, M. Patel, A. G. Ya ˘glıkc ¸ı, H. Hassan, R. Azizi, L. Orosa, and O. Mutlu, “Revisiting rowhammer: an experimental analysis of modern dram devices and mitigation techniques,” inProceedings of the ACM/IEEE 47th Annual International Symposium on Computer Architecture, ser. ISCA ’20. IEEE Press, 2020, p. 638–651. [Online]. Available: https://doi.or...

    work page doi:10.1109/isca45697.2020.00059 2020

  44. [44]

    Per-row activation counting on real hardware: Demystifying performance overheads,

    J. Kim, S. Baek, M. Wi, H. Nam, M. J. Kim, S. Lee, K. Sohn, and J. H. Ahn, “Per-row activation counting on real hardware: Demystifying performance overheads,”IEEE Computer Architecture Letters, vol. 24, no. 2, pp. 217–220, 2025

    work page 2025

  45. [45]

    Hammerfilter: Robust pro- tection and low hardware overhead method for rowhammer,

    K. Kim, J. Woo, J. Kim, and K.-S. Chung, “Hammerfilter: Robust pro- tection and low hardware overhead method for rowhammer,” in2021 IEEE 39th International Conference on Computer Design (ICCD), 2021, pp. 212–219

    work page 2021

  46. [46]

    Sok: Systematizing a decade of architectural rowhammer defenses through the lens of streaming algorithms,

    M. J. Kim, S. Baek, J. Kim, H. Nam, N. S. Kim, and J. H. Ahn, “Sok: Systematizing a decade of architectural rowhammer defenses through the lens of streaming algorithms,” in2026 IEEE Symposium on Security and Privacy (SP), 2026

    work page 2026

  47. [47]

    Mithril: Cooperative row hammer protection on commodity dram leveraging managed refresh,

    M. J. Kim, J. Park, Y . Park, W. Doh, N. Kim, T. J. Ham, J. W. Lee, and J. H. Ahn, “Mithril: Cooperative row hammer protection on commodity dram leveraging managed refresh,” in2022 IEEE International Symposium on High-Performance Computer Architecture (HPCA), 2022, pp. 1156–1169

    work page 2022

  48. [48]

    How to kill the second bird with one ecc: The pursuit of row hammer resilient dram,

    M. J. Kim, M. Wi, J. Park, S. Ko, J. Choi, H. Nam, N. S. Kim, J. H. Ahn, and E. Lee, “How to kill the second bird with one ecc: The pursuit of row hammer resilient dram,” inMICRO, 2023

    work page 2023

  49. [49]

    Flipping bits in memory without accessing them: an experimental study of dram disturbance errors,

    Y . Kim, R. Daly, J. Kim, C. Fallin, J. H. Lee, D. Lee, C. Wilkerson, K. Lai, and O. Mutlu, “Flipping bits in memory without accessing them: an experimental study of dram disturbance errors,”SIGARCH Comput. Archit. News, vol. 42, no. 3, p. 361–372, Jun. 2014. [Online]. Available: https://doi.org/10.1145/2678373.2665726

    work page doi:10.1145/2678373.2665726 2014

  50. [50]

    Ramulator: A fast and extensible dram simulator,

    Y . Kim, W. Yang, and O. Mutlu, “Ramulator: A fast and extensible dram simulator,”IEEE Computer Architecture Letters, vol. 15, no. 1, pp. 45–49, 2016

    work page 2016

  51. [51]

    Half-Double: Hammering from the next row over,

    A. Kogler, J. Juffinger, S. Qazi, Y . Kim, M. Lipp, N. Boichat, E. Shiu, M. Nissler, and D. Gruss, “Half-Double: Hammering from the next row over,” in31st USENIX Security Symposium (USENIX Security 22). Boston, MA: USENIX Association, Aug. 2022, pp. 3807–3824. [Online]. Available: https://www.usenix.org/conference/ usenixsecurity22/presentation/kogler-half-double

    work page 2022

  52. [52]

    Rambleed: Reading bits in memory without accessing them,

    A. Kwong, D. Genkin, D. Gruss, and Y . Yarom, “Rambleed: Reading bits in memory without accessing them,” in2020 IEEE Symposium on Security and Privacy (SP), 2020, pp. 695–711

    work page 2020

  53. [53]

    Crow: a low-cost substrate for improving dram performance, energy efficiency, and reliability,

    E. Lee, I. Kang, S. Lee, G. E. Suh, and J. H. Ahn, “Twice: preventing row-hammering by exploiting time window counters,” inProceedings of the 46th International Symposium on Computer Architecture, ser. ISCA ’19. New York, NY , USA: Association for Computing Machinery, 2019, p. 385–396. [Online]. Available: https://doi.org/10.1145/3307650.3322232

    work page doi:10.1145/3307650.3322232 2019

  54. [54]

    Gpuhammer: Rowhammer attacks on gpu memories are practical,

    C. S. Lin, J. Qu, and G. Saileshwar, “Gpuhammer: Rowhammer attacks on gpu memories are practical,” inUSENIX Security, 2025

    work page 2025

  55. [55]

    GPUBreach: Privilege escalation attacks on GPUs using rowhammer,

    C. S. Lin, Y . Yan, G. Ding, J. Qu, J. Zhu, D. Lie, and G. Saileshwar, “GPUBreach: Privilege escalation attacks on GPUs using rowhammer,” in2026 IEEE Symposium on Security and Privacy (SP), 2026

    work page 2026

  56. [56]

    Moesi-prime: preventing coherence-induced hammering in commodity workloads,

    K. Loughlin, S. Saroiu, A. Wolman, Y . A. Manerkar, and B. Kasikci, “Moesi-prime: preventing coherence-induced hammering in commodity workloads,” inProceedings of the 49th Annual International Symposium on Computer Architecture, ser. ISCA ’22. New York, NY , USA: Association for Computing Machinery, 2022, p. 670–684. [Online]. Available: https://doi.org/1...

    work page doi:10.1145/3470496 2022

  57. [57]

    Rowpress: Amplifying read disturbance in modern dram chips,

    H. Luo, A. Olgun, A. G. Ya ˘glıkc ¸ı, Y . C. Tu˘grul, S. Rhyner, M. B. Cavlak, J. Lindegger, M. Sadrosadati, and O. Mutlu, “Rowpress: Amplifying read disturbance in modern dram chips,” inProceedings of the 50th Annual International Symposium on Computer Architecture, ser. ISCA ’23. New York, NY , USA: Association for Computing Machinery, 2023. [Online]. A...

    work page doi:10.1145/3579371.3589063 2023

  58. [58]

    Ramulator 2.0: A modern, modular, and extensible dram simulator,

    H. Luo, Y . C. Tu ˘grul, F. N. Bostancı, A. Olgun, A. G. Ya ˘glıkc ¸ı, and O. Mutlu, “Ramulator 2.0: A modern, modular, and extensible dram simulator,”IEEE Comput. Archit. Lett., vol. 23, no. 1, p. 112–116, Jan

    work page

  59. [59]

    Available: https://doi.org/10.1109/LCA.2023.3333759

    [Online]. Available: https://doi.org/10.1109/LCA.2023.3333759

    work page doi:10.1109/lca.2023.3333759 2023

  60. [60]

    Protrr: Principled yet optimal in-dram target row refresh,

    M. Marazzi, P. Jattke, F. Solt, and K. Razavi, “Protrr: Principled yet optimal in-dram target row refresh,” in2022 IEEE Symposium on Security and Privacy (SP), 2022, pp. 735–753

    work page 2022

  61. [61]

    Rega: Scalable rowhammer mitigation with refresh-generating activations,

    M. Marazzi, F. Solt, P. Jattke, K. Takashi, and K. Razavi, “Rega: Scalable rowhammer mitigation with refresh-generating activations,” in2023 IEEE Symposium on Security and Privacy (SP), 2023, pp. 1684–1701

    work page 2023

  62. [62]

    Phoenix: Rowhammer attacks on ddr5 with self-correcting synchro- nization,

    D. Meyer, P. Jattke, M. Marazzi, S. Qazi, D. Moghimi, and K. Razavi, “Phoenix: Rowhammer attacks on ddr5 with self-correcting synchro- nization,” in2026 IEEE Symposium on Security and Privacy (SP), 2026

    work page 2026

  63. [63]

    System Power Calculators,

    Micron Technology Inc., “System Power Calculators,” https://www. micron.com/support/tools-and-utilities/power-calc

    work page

  64. [64]

    Memory performance attacks: Denial of memory service in Multi-Core systems,

    T. Moscibroda and O. Mutlu, “Memory performance attacks: Denial of memory service in Multi-Core systems,” in16th USENIX Security Symposium (USENIX Security 07). Boston, MA: USENIX Association, Aug. 2007. [Online]. Available: https://www.usenix.org/conference/16th-usenix-security-symposium/ memory-performance-attacks-denial-memory-service-multi

    work page 2007

  65. [65]

    Stall-time fair memory access schedul- ing for chip multiprocessors,

    O. Mutlu and T. Moscibroda, “Stall-time fair memory access schedul- ing for chip multiprocessors,” in40th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO 2007), 2007, pp. 146–160

    work page 2007

  66. [66]

    Not so refreshing: Attacking{GPUs}using {RFM}rowhammer mitigation,

    R. Nazaraliyev, Y . Zhang, S. B. Dutta, A. Marquez, K. Barker, and N. Abu-Ghazaleh, “Not so refreshing: Attacking{GPUs}using {RFM}rowhammer mitigation,” in34th USENIX Security Symposium (USENIX Security 25), 2025, pp. 5641–5660

    work page 2025

  67. [67]

    In-dram true random number genera- tion using simultaneous multiple-row activation: An experimental study of real dram chips,

    A. Olgun, F. N. Bostanci, O. Canpolat, G. F. Oliveira, M. Sadrosadati, A. G. Ya˘glikc ¸i, O. Mutluet al., “In-dram true random number genera- tion using simultaneous multiple-row activation: An experimental study of real dram chips,” in2025 IEEE 43rd International Conference on Computer Design (ICCD). IEEE, 2025, pp. 754–763

    work page 2025

  68. [68]

    Read disturbance in high bandwidth memory: A detailed experimental study on hbm2 dram chips,

    A. Olgun, M. Osseiran, A. G. Ya ˘glıkc ¸ı, Y . C. Tu˘grul, H. Luo, S. Rhyner, B. Salami, J. G. Luna, and O. Mutlu, “Read disturbance in high bandwidth memory: A detailed experimental study on hbm2 dram chips,” in2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2024, pp. 75–89

    work page 2024

  69. [69]

    Quac-trng: High-throughput true random number generation using quadruple row activation in commodity dram chips,

    A. Olgun, M. Patel, A. G. Ya ˘glıkc ¸ı, H. Luo, J. S. Kim, F. N. Bostancı, N. Vijaykumar, O. Ergin, and O. Mutlu, “Quac-trng: High-throughput true random number generation using quadruple row activation in commodity dram chips,” in2021 ACM/IEEE 48th Annual International Symposium on Computer Architecture (ISCA). IEEE, 2021, pp. 944– 957

    work page 2021

  70. [70]

    ABACuS: All-Bank activation counters for scalable and low overhead RowHammer mitigation,

    A. Olgun, Y . C. Tugrul, N. Bostanci, I. E. Yuksel, H. Luo, S. Rhyner, A. G. Yaglikci, G. F. Oliveira, and O. Mutlu, “ABACuS: All-Bank activation counters for scalable and low overhead RowHammer mitigation,” in33rd USENIX Security Symposium (USENIX Security 24). Philadelphia, PA: USENIX Association, Aug. 2024, pp. 1579–1596. [Online]. Available: https: //...

    work page 2024

  71. [71]

    Graphene: Strong yet lightweight row hammer protection,

    Y . Park, W. Kwon, E. Lee, T. J. Ham, J. Ho Ahn, and J. W. Lee, “Graphene: Strong yet lightweight row hammer protection,” in2020 53rd Annual IEEE/ACM International Symposium on Microarchitecture (MICRO), 2020, pp. 1–13

    work page 2020

  72. [72]

    Autorfm: Scaling low-cost in-dram trackers to ultra-low rowhammer thresholds,

    M. Qureshi, “Autorfm: Scaling low-cost in-dram trackers to ultra-low rowhammer thresholds,” in2025 IEEE International Symposium on High Performance Computer Architecture (HPCA), 2025, pp. 991– 1004

    work page 2025

  73. [73]

    Moat: Securely mitigating rowhammer with per-row activation counters,

    M. Qureshi and S. Qazi, “Moat: Securely mitigating rowhammer with per-row activation counters,” inProceedings of the 30th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 1, ser. ASPLOS ’25. New York, NY , USA: Association for Computing Machinery, 2025, p. 698–714. [Online]. Available: https://d...

    work page doi:10.1145/3669940 2025

  74. [74]

    Mint: Securely mitigating rowham- mer with a minimalist in-dram tracker,

    M. Qureshi, S. Qazi, and A. Jaleel, “Mint: Securely mitigating rowham- mer with a minimalist in-dram tracker,” in2024 57th IEEE/ACM 15 International Symposium on Microarchitecture (MICRO), 2024, pp. 899–914

    work page 2024

  75. [75]

    Hydra: enabling low-overhead mitigation of row-hammer at ultra-low thresholds via hybrid tracking,

    M. Qureshi, A. Rohan, G. Saileshwar, and P. J. Nair, “Hydra: enabling low-overhead mitigation of row-hammer at ultra-low thresholds via hybrid tracking,” inProceedings of the 49th Annual International Symposium on Computer Architecture, ser. ISCA ’22. New York, NY , USA: Association for Computing Machinery, 2022, p. 699–710. [Online]. Available: https://d...

    work page doi:10.1145/3470496.3527421 2022

  76. [76]

    Salt: Track-and-mitigate subarrays, not rows, for blast-radius-free rowhammer defense,

    M. K. Qureshi, “Salt: Track-and-mitigate subarrays, not rows, for blast-radius-free rowhammer defense,” in2026 IEEE International Symposium on High Performance Computer Architecture (HPCA), 2026, pp. 1–16

    work page 2026

  77. [77]

    Flip feng shui: Hammering a needle in the software stack,

    K. Razavi, B. Gras, E. Bosman, B. Preneel, C. Giuffrida, and H. Bos, “Flip feng shui: Hammering a needle in the software stack,” in25th USENIX Security Symposium (USENIX Security 16). Austin, TX: USENIX Association, Aug. 2016, pp. 1–18. [Online]. Available: https://www.usenix.org/conference/ usenixsecurity16/technical-sessions/presentation/razavi

    work page 2016

  78. [78]

    Memory access scheduling,

    S. Rixner, W. Dally, U. Kapasi, P. Mattson, and J. Owens, “Memory access scheduling,” inProceedings of 27th International Symposium on Computer Architecture (IEEE Cat. No.RS00201), 2000, pp. 128–138

    work page 2000

  79. [79]

    ABACuS — GitHub Repository,

    SAFARI Research Group, “ABACuS — GitHub Repository,” 2023. [Online]. Available: https://github.com/CMU-SAFARI/ABACuS

    work page 2023

  80. [80]

    Randomized row-swap: mitigating row hammer by breaking spatial correlation between aggressor and victim rows,

    G. Saileshwar, B. Wang, M. Qureshi, and P. J. Nair, “Randomized row-swap: mitigating row hammer by breaking spatial correlation between aggressor and victim rows,” inProceedings of the 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, ser. ASPLOS ’22. New York, NY , USA: Association for Computing M...

    work page doi:10.1145/3503222.3507716 2022

Showing first 80 references.