In this work, we propose DRAM-Locker, a robust general-purpose defense mechanism that protects DRAM against adversarial Deep Neural Network (DNN) weight attacks, whether they target the weight data itself or the page tables that map it. DRAM-Locker combines in-DRAM swapping with a lock-table so that an attacker can no longer single out the specific DRAM rows that hold a DNN's weight parameters. Our results indicate that DRAM-Locker delivers a high level of protection, reducing targeted weight attacks to the effectiveness of a random attack. The defense causes no loss of accuracy on CIFAR-10 and CIFAR-100. Importantly, DRAM-Locker requires no software retraining and adds no hardware overhead.
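The following Python toy model is an added illustration, not code from the DRAM-Locker paper: it shows why hiding the logical-to-physical row mapping behind a lock-table and swapping row contents inside DRAM reduces a targeted weight attack to the hit rate of a random attack. The `DramLockerModel` class, the pairwise-swap mechanism, the swap rate (`4 * n_rows` swaps per attack window) and the single-critical-row hit-rate metric are assumptions made for the illustration, not the paper's design.

```python
"""Toy model of the DRAM-Locker idea (assumption: not the paper's actual design).

'In-DRAM swapping' is modelled as exchanging the contents of two physical rows,
and the 'lock-table' as a logical-row -> physical-row map that only the memory
controller can read. An attacker who located the physical row holding a
critical weight group before the swaps happened can still only flip bits in
that *physical* row, so after swapping the flip lands on an arbitrary group.
"""
import random


class DramLockerModel:
    def __init__(self, n_rows: int, rng: random.Random) -> None:
        self.rng = rng
        # phys_to_logical[p] = logical row (weight group) currently stored at physical row p
        self.phys_to_logical = list(range(n_rows))
        # Lock table: logical row -> physical row. Hidden from the attacker.
        self.lock_table = {lrow: p for p, lrow in enumerate(self.phys_to_logical)}

    def swap_rows(self, a: int, b: int) -> None:
        """Exchange the contents of physical rows a and b and update the lock table."""
        la, lb = self.phys_to_logical[a], self.phys_to_logical[b]
        self.phys_to_logical[a], self.phys_to_logical[b] = lb, la
        self.lock_table[lb], self.lock_table[la] = a, b

    def random_swaps(self, rounds: int) -> None:
        """Perform `rounds` random pairwise swaps (assumed swap schedule for the toy)."""
        n = len(self.phys_to_logical)
        for _ in range(rounds):
            a, b = self.rng.sample(range(n), 2)
            self.swap_rows(a, b)

    def consistent(self) -> bool:
        """True if the lock table agrees with the physical row contents."""
        return all(self.lock_table[lrow] == p
                   for p, lrow in enumerate(self.phys_to_logical))


def simulate(n_rows: int = 64, trials: int = 2000, defend: bool = True,
             seed: int = 1, critical: int = 0) -> float:
    """Fraction of trials in which the attacker's flip lands on the critical logical row.

    The attacker profiles the system first (learns which physical row holds the
    critical weights), then flips bits in that physical row. With the defense,
    the controller swaps rows in between, so the learned location is stale.
    """
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        model = DramLockerModel(n_rows, rng)
        target_phys = model.lock_table[critical]      # attacker's profiling result
        if defend:
            model.random_swaps(4 * n_rows)            # assumption: toy swap rate
        if model.phys_to_logical[target_phys] == critical:
            hits += 1
    return hits / trials


def random_attack(n_rows: int = 64, trials: int = 2000,
                  seed: int = 1, critical: int = 0) -> float:
    """Baseline: an attacker with no knowledge flips a uniformly random physical row."""
    rng = random.Random(seed)
    hits = sum(1 for _ in range(trials) if rng.randrange(n_rows) == critical)
    return hits / trials


def lock_table_stays_consistent(n_rows: int = 8, rounds: int = 50, seed: int = 0) -> bool:
    """Sanity check: swapping never desynchronises the lock table from the rows."""
    model = DramLockerModel(n_rows, random.Random(seed))
    model.random_swaps(rounds)
    return model.consistent()


if __name__ == "__main__":
    print("targeted attack, no defense :", simulate(defend=False))
    print("targeted attack, DRAM-Locker:", simulate(defend=True))
    print("random attack baseline      :", random_attack())
```

Without the defense the targeted flip hits the critical row every time; with swapping in place the hit rate falls to roughly `1 / n_rows`, which is exactly what a blind random attack achieves. The swap count matters: a handful of swaps leaves the critical row in place with noticeable probability, so a deployment would have to choose the swap schedule against the attacker's profiling-to-flip latency, a parameter this toy only assumes.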