DRAM read disturbance can break memory isolation, a fundamental property for ensuring system robustness (i.e., reliability, security, safety). RowHammer and RowPress are two different DRAM read disturbance phenomena. RowHammer induces bitflips in physically adjacent victim DRAM rows by repeatedly opening and closing an aggressor DRAM row, while RowPress induces bitflips by keeping an aggressor DRAM row open for a long period of time. In this study, we characterize a DRAM access pattern that combines RowHammer and RowPress in 84 real DDR4 DRAM chips from all three major DRAM manufacturers. Our key results show that 1) this combined RowHammer and RowPress pattern takes a significantly smaller amount of time (up to 46.1% faster) to induce the first bitflip compared to the state-of-the-art RowPress pattern, and 2) at the minimum aggressor row activation count needed to induce at least one bitflip, the bits that flip are different across the RowHammer, RowPress, and combined patterns. Based on our results, we provide a key hypothesis that the read disturbance effect caused by RowPress from one of the two aggressor rows in a double-sided pattern is much more significant than that from the other.