MAD: Memory Allocation meets Software Diversity

TL;DR

MAD introduces a novel approach combining memory allocation and software diversity principles to mitigate DRAM vulnerabilities like RowHammer, offering a hardware-agnostic, low-impact, and effective defense mechanism that delays attacks for better response opportunities.

Contribution

It proposes MAD, a new system that uses spatial diversification techniques to enhance memory security against RowHammer attacks, overcoming entropy challenges.

Findings

Early results show promising delay of RowHammer attacks.

MAD is easy to implement with negligible performance impact.

The approach is hardware and software agnostic.

Abstract

Vulnerabilities emanating from DRAM errors pose a vexing problem that remains, as of yet, unsolved and elusive but cannot be ignored. Prior defenses focused on specific details of early RowHammer attacks and fail to generalize with the generalizations of recent RowHammer attacks. Even worse, it is presently not clear that techniques from prior defenses will be able to cope with these generalizations or if an entirely new approach is required. Although still work-in-progress, we have identified a new approach that combines memory allocation with principles underlying software diversity and shows promising early results. At first glance, software diversity seems to be an unlikely contender, since it faces seemingly insurmountable obstacles, primarily the lack of sufficient entropy in memory subsystems. Our system - called MAD, short for memory allocation diversity - leverages two novel, complementary spatial diversification techniques to overcome this entropy obstacle. Entropy aside, MAD offers ease-of-implementation, negligible performance impact, and is both hardware and software agnostic. From a security perspective, MAD's goal is to deter RowHammer attacks by delaying them to the maximum extent possible. Such a delay opens the door for a variety of additional responses, e.g., proactive rebooting, or complementary in-depth analysis of ongoing attacks that would be too slow for an always-on defense.