This paper focuses on mitigating DRAM Rowhammer attacks. In recent years, solutions like TRR have been deployed in DDR4 DRAM to track aggressor rows and then issue a mitigative action by refreshing neighboring victim rows. Unfortunately, such in-DRAM solutions are resource-constrained (only able to provision few tens of counters to track aggressor rows) and are prone to thrashing based attacks, that have been used to fool them. Secure alternatives for in-DRAM trackers require tens of thousands of counters. In this work, we demonstrate secure and scalable rowhammer mitigation using resource-constrained trackers. Our key idea is to manage such trackers with probabilistic management policies (PROTEAS). PROTEAS includes component policies like request-stream sampling and random evictions which enable thrash-resistance for resource-constrained trackers. We show that PROTEAS can secure small in-DRAM trackers (with 16 counters per DRAM bank) even when Rowhammer thresholds drop to 500 while incurring less than 3% slowdown. Moreover, we show that PROTEAS significantly outperforms a recent similar probabilistic proposal from Samsung (called DSAC) while achieving 11X - 19X the resilience against Rowhammer.

翻译：本文聚焦于缓解DRAM Rowhammer攻击。近年来，诸如TRR的解决方案已被部署于DDR4 DRAM中，用于追踪攻击行，并通过刷新相邻受害者行来执行缓解操作。不幸的是，这类片内DRAM方案受限于资源（仅能配置数十个计数器以追踪攻击行），且易受基于颠簸的攻击影响——此类攻击已被用于规避上述方案。片内DRAM追踪器的安全替代方案需配备数万个计数器。在本工作中，我们论证了如何利用资源受限的追踪器实现安全且可扩展的Rowhammer缓解策略。我们的核心思想是通过概率型管理策略（PROTEAS）来管理此类追踪器。PROTEAS包含请求流采样与随机驱逐等组件策略，从而使资源受限的追踪器具备抗颠簸能力。我们证明，当Rowhammer阈值降至500时，PROTEAS仍能保护微型片内DRAM追踪器（每DRAM bank仅配置16个计数器），且性能损失低于3%。此外，我们表明PROTEAS显著优于三星近期提出的同类概率型方案DSAC，其对Rowhammer的抵御能力提升达11倍至19倍。