## DRAM-Profiler: An Experimental DRAM RowHammer Vulnerability Profiling Mechanism

Ranyang Zhou<sup> $\dagger$ </sup>, Jacqueline T. Liu<sup> $\ddagger$ </sup>, Nakul Kochar<sup> $\dagger$ </sup>, Sabbir Ahmed<sup> $\ddagger$ </sup>,

Adnan Siraj Rakin<sup>‡</sup>, and Shaahin Angizi<sup>†</sup>

<sup>†</sup>Department of Electrical and Computer Engineering, New Jersey Institute of Technology, Newark, NJ, USA

 $^{\ddagger}\text{Department}$  of Computer Science, State University of New York at Binghamton, NY, USA

arakin@binghamton.edu,shaahin.angizi@njit.edu

### ABSTRACT

RowHammer stands out as a prominent example, potentially the pioneering one, showcasing how a failure mechanism at the circuit level can give rise to a significant and pervasive security vulnerability within systems. Prior research has approached RowHammer attacks within a static threat model framework. Nonetheless, it warrants consideration within a more nuanced and dynamic model. This paper presents a low-overhead DRAM RowHammer vulnerability profiling technique termed DRAM-Profiler, which utilizes innovative test vectors for categorizing memory cells into distinct security levels. The proposed test vectors intentionally weaken the spatial correlation between the aggressors and victim rows before an attack for evaluation, thus aiding designers in mitigating RowHammer vulnerabilities in the mapping phase. While there has been no previous research showcasing the impact of such profiling to our knowledge, our study methodically assesses 128 commercial DDR4 DRAM products. The results uncover the significant variability among chips from different manufacturers in the type and quantity of RowHammer attacks that can be exploited by adversaries.

#### **1** INTRODUCTION

Recent research has demonstrated that adversaries can exploit the RowHammer vulnerability present in DRAM to systematically and precisely manipulate bits across diverse applications, including proficiently trained neural networks, resulting in a notable impact on accuracy [12, 28]. Illustrated in Fig. 1(a), such so-called Bit-Flip Attacks (BFAs) can reduce the accuracy of an 8-bit quantized ResNet-34 on the ImageNet dataset from 73.1% to 0% by targeting only 5 bits. Fig. 1(b) reports that the RowHammer threshold has experienced a notable decline in recent years. For instance, on LPDDR4 (new), the attacker requires approximately 4.5 times fewer Hammer Counts (HC) compared to DDR3 (new) [33]. This threshold is anticipated to nearly vanish with the introduction of DDR5 [23].

To effectively mitigate RowHammer attacks, comprehensive investigation, and analysis of pertinent influencing factors are imperative. As research progresses, Error Correction Code (ECC) techniques [20, 24] have been developed across various directions to combat RowHammer attacks. Nonetheless, we cannot get detailed parameters of the organization from manufacturers because they defend the secrecy of chip structures, which means even the same RowHammer attack model has different performance to different chips. System manufacturers such as Apple [1] and HP [2] commonly employ a standard RowHammer mitigation approach by elevating the refresh rate, albeit at the cost of significant power consumption and susceptibility to compromise [24]. Intel's pTRR [14] and various research work propose a proactive strategy involving



Figure 1: (a) Targeted bit-flipping vs. random bit-flipping for an 8-bit quantized ResNet-34 on ImageNet [7] dataset, (a) RowHammer thresholds [23, 33].

the monitoring of row activations, termed HC. The memory controller tracks HC and initiates refresh cycles on victim rows once the number of row activations surpasses a predefined Maximum Activate Count (MAC) threshold ( $T_{MAC}$ ), typically stored on the Serial Presence Detect (SPD) chip within the DRAM module [8].

Previous studies have predominantly addressed RowHammer attacks under a static threat model, emphasizing fixed parameters. However, we advocate for a more sophisticated and adaptable approach, acknowledging the evolving nature of security threats. In contrast to static models, a dynamic framework accommodates the fluidity of attack vectors and defense mechanisms, thus providing a more comprehensive understanding of RowHammer vulnerabilities. By embracing this nuanced perspective, researchers can better anticipate emerging threats and devise effective countermeasures to safeguard against RowHammer and similar exploits. In this work, we introduce DRAM-Profiler, a novel technique for profiling DRAM RowHammer vulnerabilities with minimal overhead. DRAM-Profiler employs innovative test vectors to classify memory cells into different security levels. The main contributions of this paper are as follows:

(1) We demonstrate that the bit-flip induced by RowHammer attacks is intricate and variable, necessitating varied analyses associated with different patterns applied in the RowHammer attack model; (2) We propose a comprehensive classification of DRAM cells referred to as *cell's security level* within the chip to enhance the visibility of the impact of RowHammer attacks; and (3) Our experimental findings reveal substantial variability in the robustness of cells across 128 chips sourced from 7 major DRAM manufacturers. Consequently, we recommend the adoption of targeted defense mechanism designs as a more effective approach.

### 2 OVERVIEW

DRAM Organization & Commands. The DRAM chip is a hierarchical structure consisting of several memory banks, as shown in Fig. 2(a). Each bank comprises 2D sub-arrays of memory bit-cells virtually ordered in memory matrices, with billions of DRAM cells on modern chips. Each DRAM bit-cell consists of a capacitor and an access transistor. The charge status of the bit-cell's capacitor is used to represent binary "1" or "0" [36]. In idle mode, the memory controller turns off all enabled DRAM rows by sending the Precharge (PRE) command on the command bus. This will precharge the Bit-Line (BL) voltage to  $\frac{V_{DD}}{2}$ . In the active mode, the memory controller will send an Activate (ACT) command to the DRAM module to activate the Word-Line (WL). Then, all DRAM cells connected to the WL share their charges with the corresponding BL. Through this process, BL voltage deviates from the precharged  $\frac{V_{DD}}{2}$ . The sense amplifier then senses this deviation and amplifies it to  $V_{DD}$  or 0 in the row buffer. The memory controller can then send read (RD)/write (WR) commands to transfer data from/to the sense amplifier array. DRAM Timing Parameters. In the context of DRAM standards, a comprehensive array of timing parameters is established, with each parameter prescribing the minimum temporal separation between two successive DRAM commands to uphold seamless operational integrity. The most basic parameter is the clock cycle  $(t_{CK})$  used to measure all parameters. Row Active Time  $(t_{RAS})$  encompasses the temporal window demarcating an ACT command and the subsequent PRE command. During this prescribed  $t_{RAS}$  interval, the restoration of charge within the DRAM cells on the open DRAM row is effectuated to ensure optimal performance. Row Precharge Time  $(t_{RP})$  signifies the temporal gap between the issuance of a PRE command and the subsequent ACT command. The imposition of  $t_{RP}$  is instrumental in closing the open WL and initiating the precharging of the DRAM BLs to the voltage level of  $\frac{V_{DD}}{2}$ . Retention time in DRAM refers to the duration for which a memory cell can hold its stored data without requiring a refresh operation. It can be influenced by various factors, including the density of cells, electromagnetic interference, and so on. The critical timing parameters are fundamental in ensuring the reliable and efficient operation of DRAM modules across different standards. In the RowHammer model, the retention time of certain victim rows may experience a substantial reduction. The Refresh Window  $(t_{REFW})$  is essentially the interval within which all DRAM cells must be refreshed to prevent data loss or corruption.

**RowHammer in DDR4 & Protection Mechanisms.** Kim et al. [18] were the pioneers in conducting an extensive study on the characteristics of RowHammer bit-flips in DDR3 modules. They observed that approximately 85% of the tested modules were susceptible to RowHammer attack. Therefore, the majority of earlier RowHammer research is centered on DDR3 systems [29]. With the prospect of having a RowHammer-less landscape, DDR4 modules have been introduced. While there are documented instances of RowHammer on DDR4 chips in previous studies [9, 21], these findings pertain to earlier generations of DDR4. To the best of our knowledge, the only recent and established work exploring the multi-sided fault injection model is TRRespass [8].

Multiple software and hardware mitigation mechanisms have been proposed to reduce the impact of RowHammer-based attacks



Figure 2: (a) Hierarchical organization of DRAM, (b) Doublesided RowHammer attack [18].

[18, 22, 35, 37-39]. The hardware-based research efforts can be classified into two categories, i.e., victim-focused mechanism with probabilistic refreshing (e.g., PRA [15], PARA [18], ProHIT [32], ProTRR [22]) and aggressor-focused mechanism by counting activations (e.g., TRR [10], Hydra [27], CBT [31], Panopticon [5], CRA [15], TWiCe [20], Graphene [26], Mithril [17]). The system manufacturers tend to follow the mechanisms that explicitly detect RowHammer conditions and intervene, such as increasing refresh rates and access counter-based approaches. Along this line, Target Row Refresh (TRR) [8] and counter-based detection methods [15, 27, 30] require add-on hardware to calculate rows' activation and record it to other fast-read-memory (SRAM [20]/CAM [26]). The controller will then refresh the target row if the number reaches MAC [8]. TWiCe [20] is a per-row counter-based RowHammer prevention solution based on the idea that the number of ACTs within  $t_{REFW}$  is limited. Instead of detecting the rows, TWiCe only checks the number of ACTs. However, inserting a counter for each memory row imposes a substantial burden both from latency and power consumption perspectives [30]. To tackle this issue, recent works [30] consider the storage of counters in a dedicated section of DRAM or use a set-associative counter cache implemented within the memory controller to enhance the efficiency of accessing frequently utilized counters [15]. CAT [31] is a counter-based solution that keeps track of the number of ACTs performed on a set of DRAM rows and initiates a refresh operation for the entire group of rows, once the HC reaches the MAC. The counter-based solutions have been enabled by adding a new DRAM command called Nearby Row Refresh (NRR) [20, 26] that will be issued to refresh the relevant victim rows.

The JEDEC standard outlines three potential configurations for the MAC value: (1) unlimited, if the DRAM module claims to be RowHammer-free; (2) untested, if the DRAM module has not undergone post-production inspection; or (3)  $T_{MAC}$  indicating the specific number of ACTs the DRAM module can withstand (e.g., 1M). It has been revealed [8] that, irrespective of the DRAM manufacturer, the majority of DDR4 modules assert unlimited MAC value.

#### **3 DRAM-PROFILER**

#### 3.1 Formulating the Problem

A bit-flip occurs exclusively when there is a disparity in the bit values of adjacent rows. This raises the query regarding the differentiation of data among DRAM rows, a consequence of manufacturers' topology techniques. Consequently, the likelihood of adjacent rows differing from the target row on every bit is exceedingly low, resulting in numerous bits within the victim row sharing identical



Figure 3: Single-Sided (SG), Double-Sided (DB), and Victim-Clone (VC) attack models.

values with those in the adjacent row. According to this hypothesis, certain bits remain immune to flipping when adversaries employ an SG attack strategy. Nonetheless, in the DB attack model, the scenario becomes intricate. Ideally, the two assailant rows would exhibit diversity, each contrasting with the victim row on every bit. However, in specific instances, the sheer abundance of distinct bits complicates this ideal scenario.

Previous studies [13, 20, 30] have overlooked comparable specifics, and their assessment of RowHammer relies on analyzing the subsequent conditions: (i) complete dissimilarity between all bits of the attack row and the victim row, and (ii) conducting experiments using real DRAM storage data. However, owing to technical disparities among various manufacturers, this data pattern can be perceived as random. To enhance comprehension of the factors contributing to bit-flipping in RowHammer attacks, we decided to create a new research model As shown in Fig. 3, we assume the Double-sided (DB) RowHammer attack is based on the ideal case where each bit of the aggressor rows (A1 & A2) differs from the victim (V1). Based on our speculation and analysis of previous research works [16], we hypothesize that both cells in the attacking row exert a significant charging effect on the cells in the victim row. According to the previous research in [24], we know that the RowHammer vulnerability relies on rapid and repeated access to adjacent rows, causing electromagnetic interference that can lead to bit-flips in the victim row. However, for bit-flips to occur, there must be a difference in the charge state between the aggressor and victim rows.

Victim-Clone (VC) is our proposed attack model to make the victim row suffer less when the DRAM is under the DB attack. Leveraging this model, we can focus on a more detailed study of the effects of leakage between cells and prolong the stability of cells within the victim's row, preventing them from experiencing bit-flips for an extended period. The VC model essentially copies the victim row to one of the aggressor rows to ensure that each bit of the victim row is only affected by one adjacent flipped bit. As shown in Fig. 3, in this model, the cell in A1 has a low charge effect, and that in A2 has a high charge effect.

#### 3.2 DRAM Security Level

Based on the findings reported in our preceding study [Omitted for review purposes], a direct correlation exists between the increment of HC and the observed rise in bit-flip occurrences in DRAM This phenomenon signifies an escalating number of cells susceptible to charge leakage as HC values increase. Alternatively, a granular



Figure 4: The vulnerability of cells associated with the HC

examination of individual HC values unveils distinct patterns in cell presence across different levels. Some cells demonstrate consistent presence across multiple HC levels, while others exhibit sporadic or negligible presence. Utilizing a color-coded scheme to represent DRAM cell frequencies at varying HC levels allows for the visualization of these patterns, facilitating a more comprehensive understanding of DRAM vulnerability to RowHammer attacks. As shown in Fig. 4, assume we collect samples from the same chip subjected to RowHammer attacks at various HC levels. In every tier, we emphasize the cells where bit-flips occur. As the HC escalates from upper to lower tiers, the number of these cells generating bit-flips rises. Concurrently, we note that cells causing bit-flips at lower HC levels persist in generating bit-flips at higher HC levels, implying their consistency across varying HC levels. Therefore, the more frequently a flipped cell appears at all levels, the more vulnerable it is. In other words, if some cells appear in different HC levels simultaneously, the highlighted color will be darker. Thus, the color bars in Fig. 4 can represent the vulnerability of cells. The four colors from left to right (from bright yellow to dark red) represent the degree of vulnerability from low to high. This model can be exploited for the following reasons:

(*i*) To empirically analyze significant variability among chips from different manufacturers. Consequently, we aim to investigate whether this discrepancy correlates with the quantity of highly vulnerable cells within the chip.

(*ii*) To investigate variations in the rate at which the number of bit-flips increases with rising HC levels. Therefore, this model facilitates a more detailed examination of the differences between cells from different manufacturers.

(*iii*) To explore RowHammer attack modes yield outcomes. This model enables us to evaluate the resilience of cells from different manufacturers to various attack modes.

#### **4 EXPERIMENTS**

In this section, we will design and conduct experiments to validate the hypotheses posited in the preceding section.

#### 4.1 Prerequisites

**Framework Setup & Testing Infrastructure.** We test the DRAM chips by extensively modifying the DRAM-Bender [25] to have a versatile FPGA-based DRAM attack exploration framework for DDR4 with an in-DRAM compiler API installed on our host machine. Our testing infrastructure, as shown in Fig. 5, consists of the Alveo U200 Data Center Accelerator Card [4] as the FPGA that accepts DDR4 modules and runs the test programs based on Algorithm 1 by sending DDR4 command traces generated by the host machine. The key idea is to take control of memory modules for DDR4 interfaces with straightforward high-level programming to test, characterize,



Figure 5: Our testing infrastructure for DDR4 modules.

and run the generated programs on the host machine. The driver is designed to send instructions across the PCIe bus to the FPGA to be stored on the board. Besides, to have a fair comparison among various under-test DRAM chips, the temperature is kept below 30°C with INKBIRDPLUS 1800W temperature controller.

Minimizing Interference. Before implementing the proposed attack scenario, DRAM refresh [3] and rank-level ECC are disabled to minimize their interference with RowHammer bit-flips. However, proprietary RowHammer protection techniques (e.g., Target Row Refresh [8, 10]) are in place.

Chips Tested. To profile DRAM cell vulnerabilities, the experiments are conducted on a range of 128 commercialized DRAM chips from eight different manufacturers (mf.) as listed in Table 1 with various die densities and die revisions.

Table 1: Under-test DRAM chips.

|                           |        |            | -        |      |      |
|---------------------------|--------|------------|----------|------|------|
| Vendor                    | #Chips | Freq (MHz) | Die rev. | Org. | Date |
| mf-A (Crucial 16 GB)      | 16     | 3200       | С        | x8   | N/A  |
| mf-B (Kingston 16GB)      | 16     | 2666       | G        | x8   | 2152 |
| mf-C (Micron 16GB)        | 16     | 2133       | В        | x4   | 2126 |
| mf-D (NEMIX 16GB)         | 16     | 2133       | В        | x4   | 1733 |
| mf-E (SK Hynix 16GB)      | 16     | 2400       | А        | x8   | 1817 |
| mf-F (Patriot Viper 16GB) | 16     | 3600       | С        | x8   | N/A  |
| mf-G (Samsung 16GB)       | 16     | 2400       | В        | x8   | 2053 |

#### 4.2 Programming

We devise the following RowHammer test procedure in Algorithm 1 to conduct experiments, aimed at characterizing various DDR4 DRAM modules and implementing three fault injection models by enabling control over the HC. We start by initializing both the FPGA and the testing framework to introduce disruptions in DRAM timing, enabling the insertion of instructions into the DRAM chip. Then, we initialize the row address denoted by Initial\_Row, whereby the data pattern will be allocated in line-4, and load the prepared Data\_pattern and Data\_pattern\_inv in line-5. We set all bits in Data\_pattern and Data\_pattern\_inv to "1" and "0", respectively. This initialization establishes a straightforward state, facilitating a clearer observation of the attack intensity. The initialization is completed at this point. We will further allocate different patterns according to different cases. In the case of Single-sided attack (SG) and DB, we utilize the traditional allocation method to guarantee that the aggressor row and the victim row store data in a precisely opposite manner. In the case of the VC, one of the aggressor rows replicates the data from the victim row, while the other row contains data that is the opposite, effectively simulating the duplication of the victim row onto one of the aggressor rows. Lines 9, 14, and 19 provide the hammering instructions applied to the DRAM rows. We hammer Initial\_Row + 1 in SG and Initial\_Row & Initial\_Row+2 in both VC and DB models. Following the execution

of all RowHammer reaching the pre-set HC, we retrieve the data from all rows. Ultimately, we ascertain the number of bit-flips by comparing the read data with the initially stored data.

Algorithm 1 RowHammer test procedure for SG, VC, and DB

- 1: Procedure: RHtest
- 2: Input HC
- 3: Initialize FPGA() & Platform() 4: Define Inital Row
- 5: Load Data\_pattern & Data\_pattern\_ing
- Case SG:
- Initial\_Row ← Data\_pattern
- Initial Row + 1 ← Data pattern int Hammer Initial\_Row + 1 for(HC)
- 10: Case VC: Initial Row ← Data pattern
- 11:  $Initial_Row + 1 \leftarrow Data_pattern_inv$
- 12: 13:  $Initial_Row + 2 \leftarrow Data_pattern_inv$
- 14: Hammer Initial Row & Initial Row + 2 for(HC)
- 15: Case DB:
- 16:  $Initial_Row \leftarrow Data_pattern$
- 17.  $Initial\_Row + 1 \leftarrow Data\_pattern\_inv$
- $Initial_Row + 2 \leftarrow Data_pattern$ 18:
- Hammer Initial\_Row & Initial\_Row + 2 for(HC) 19:
- 20: Receive Data(Platform); //Write data back to hostPC

 21: Detect\_BitFlips(Victim\_Row) 22: end Procedure

#### 4.3 Analysis of the Results

Fig. 6 represents the comprehensive analysis results of the security levels of DRAM cells. In every plot, there are three curves for different RowHammer attack models, i.e., DB, SG, and VC. The X-axis denotes HC, and the Y-axis represents the number of cells at which bit-flip occurred. The typical  $t_{RAS}$  values for DDR4 memory modules can range from approximately 36 to 48  $t_{CK}$  [6], although these values may vary depending on the module's speed rating (e.g., DDR4-2133, DDR4-2400, DDR4-3200, etc.). For example, the duration of a clock cycle for DDR4-2400 memory can be calculated as  $t_{CK} = \frac{1}{2400MT/s}$ . In our design, each  $t_{RAS}$  comprises three components: ACT, Sleep, and PRE, where Sleep is set to  $5t_{CK}$ . In order to more accurately emulate real-world scenarios, we set a maximum limit of 1M for the HC. Given that we suspended the DRAM refresh command in this experiment, it became necessary to manually account for retention time. So in a refresh window  $(t_{REF})$  the maximum number of HC must be less than  $\frac{t_{REF}}{t_{RAS}}$  =1.37M. Practically, the application cannot be composed entirely of activations, so we limit the number of activations used for RowHammer to 1M. Here we list our key observations regarding the under-test chips.

Obs.#1. Compared with DB model, VC model cannot effectively reduce the number of bit-flips.

As discussed, the VC attack model is a way to make the victim row less vulnerable by copying the victim row to one of the aggressor rows. Therefore, the number of bit-flips produced by the final cell should be hypothetically close to that created by the SG attack. However, based on the empirical findings, it is evident that only chips from three manufacturers exhibit improvement following the implementation of the VC. As depicted in Fig. 6(b)(e)(f), upon reaching the HC limit (1M), the bit-flips induced by VC decreased by approximately 25% compared to DB yet remained over four times more than those induced by SG. This observation contradicts our initial hypothesis: within the DB model, replicating the victim row onto one of the aggressor rows does not significantly decrease the frequency of bit-flips. We can draw a new conclusion from this: when the attacker ensures that one bit in the aggressor rows differs



Figure 6: Analysis of the security levels of cells on (a) mf-A, (b) mf-B, (c) mf-C, (d) mf-D, (e) mf-E, (f) mf-F, (g) mf-G.

from the victim row, they can efficiently flip the one in the victim row. Confirming the prior reports, the DB attack is more likely to produce a bit-flip than the SG attack. As shown in Fig. 6(a)(d)(g), the results of VG and DB almost overlap, meaning that these cells can produce bit-flip as long as at least one cell in the adjacent row differs from it. Fig. 6(c) represents a special case, in which the VC model generates more bit-flips than DB. The factors contributing to this observation remain unknown.

# **Obs.#2.** Various cells demonstrate diverse levels of resistance to various attack models.

Undoubtedly, within the same chip, certain cells are susceptible to RowHammer attacks, whereas others remain unaffected. However, determining the susceptibility of a cell poses a challenge. To address this, we employ a visual approach for classification. We have opted to use a four-level scale, ranging from level 1 to level 4, to denote the extent of cell vulnerability. Lower levels indicate a lower likelihood of bit-flips, while higher levels suggest greater susceptibility. Take Fig. 6(b)(e)(f) as examples, among these chips, we posit that if a cell succumbs to SG, it can be deemed the most vulnerable to attack. Consequently, when HC is 1M, we classify all cells that induce bit-flips as level 4. Next, we consider cells that do not induce bit-flips in SG but exhibit them in VC. We categorize these cells as level 3. As previously discussed, if cells with high vulnerability manifest bit-flips in low-threat attacks, they are also likely to experience bit-flips in high-threat attacks. Consequently, when HC is 1M, we derive the level 3 count by subtracting the total number of bit-flips in VC from the total number of bit-flips in SG. Applying the same principle, we classify cells exhibiting behaviors between DB and VC as level 2. Finally, if cells withstand even the DB attack, we classify them as level 1. Excluding the chips from these three manufacturers, as shown in Fig. 6(a)(d)(g), due to the scarcity of cells between DB and VC, we delete level 2 and keep level 3. Figure 6(c) presents an exception; we cannot classify level 2

and level 3 using the previous rules. Therefore, in this scenario, we can only classify cells as level 1 and level 4.

**Obs.#3.** Tailored DRAM protection mechanisms, designed according to specific chip topologies, will be necessary and more efficient.

From our experiments, we discovered significant variations in RowHammer attacks across chips from different manufacturers, likely due to distinct manufacturing processes. Consequently, we contend that designing tailored defense mechanisms based on the specific characteristics of individual chips may yield greater effectiveness. For example, considering Fig. 6(c)(d)(g), which has a significant proportion of level 1 cells, it may opt to employ a defense strategy targeting levels 3, 2, and 1. In Fig. 6(b)(e)(f), the primary characteristic is the exceedingly low number of cells in level 4, coupled with a larger number of cells in levels 3 and 2. As such, implementing a defense mechanism against DB attacks could be appropriate. Finally, in Fig. 6(a), all the levels are average, so the counter-based defense mechanisms can be recommended. While there are multiple approaches to defending against RowHammer attacks, the most straightforward method involves identifying the factors that render cells deferentially vulnerable to attack. Enhancing these influencing factors will represent the most effective defense against RowHammer attacks.

## **Obs.#4.** The stability of cells in chips varies among different manufacturers.

Here, we introduced a cell classification method, yet the stability of cells also influences our classification to some extent. Stability refers to the fluctuation range in the number of cells that induce bit-flips when HC is at a specific value. A broader range indicates lower stability. For instance, in real-world scenarios, cells may occasionally trigger bit-flips once HC reaches a particular value due to interference from various factors. However, in experimental settings, no bit-flips occur. Fig. 6(d) and (g) serve as prime examples of low stability. We observe that the curves for these two chips exhibit irregular fluctuations, indicating significant variability in the number of bit-flips at certain HC values. In comparison, other chips are relatively stable.

#### 4.4 DNN Weight Attack

To further analyze the effectiveness of the conducted study in DNN application, we incorporate the three different attack models/levels, i.e., SG, VC, and DB, into the popular BFA attack framework [28, 34] via only targeting cells that will succumb to the corresponding attack levels, and conduct the adjusted BFA attack on a quantized ResNet-20 [11] trained on CIFAR-10 [19]. Table 2 displays the number of iterations needed to degrade model accuracy to a random guess level (i.e., 10%) under the three distinct attack strategies across all under-test DRAM chips. We observe that the numbers of required iterations from Fig. 6(a)(d)(g), where the curves of VC and DB overlap, the number of required iterations are identical (15, 27, and 19, respectively). Generally, a single-sided row hammer requires more bit-flips to achieve the attacker's objective on most chips.

Table 2: Number of required iterations for BFA attack [28] to degrade a quantized ResNet-20 [11] trained on CIFAR-10 [19] to a random guess level.

| Vendor | Single-sided attack | Victim-Clone attack | Double-sided attack |
|--------|---------------------|---------------------|---------------------|
| mf-A   | 18                  | 15                  | 15                  |
| mf-B   | 50                  | 17                  | 14                  |
| mf-C   | 20                  | 46                  | 55                  |
| mf-D   | 40                  | 27                  | 27                  |
| mf-E   | 74                  | 34                  | 20                  |
| mf-F   | 49                  | 14                  | 15                  |
| mf-G   | 28                  | 19                  | 19                  |

#### 5 CONCLUSION

This paper introduces a mechanism, DRAM-Profiler, for experimental DRAM RowHammer vulnerability profiling. This mechanism is proposed to make the analysis of the RowHammer attack model more comprehensive and visible. We explore various RowHammer models to reintroduce a more authentic setting, addressing a previously overlooked aspect in prior research. The revised model provides a more nuanced understanding of performance variations across different manufacturers' chips, highlighting the necessity for a dynamic, rather than static, approach to the RowHammer problem. Additionally, our investigation delved into the phenomenon of cell flipping triggered by varying activation frequencies. This led us to classify cells based on their activation frequency, as the crux of bit-flip occurrences lies in charge alterations within the cells. By categorizing cells in this manner, we can effectively gauge the resilience of different chips against specific activation frequencies. Armed with these insights, we are poised to develop more targeted defense strategies against RowHammer attacks in future designs.

#### REFERENCES

- 2015. Apple, Inc. About the security content of mac efi security update 2015-001. https://support.apple.com/en-au/HT204934.
- [2] 2015. HP, Inc. Hp moonshot component pack. https://support.hpe.com/hpsc/doc/ public/display?docId=c04676483,May2015.
- [3] 2020. JESD79-4C: DDR4 SDRAM Standard. https://www.xilinx.com/products/ boards-and-kits/alveo.html
- [4] 2021. Xilinx Inc., Xilinx Alveo U200 FPGA Board. https://www.xilinx.com/ products/boards-and-kits/alveo.html

- [5] Tanj Bennett et al. 2021. Panopticon: A complete in-dram rowhammer mitigation. In DRAMSec, Vol. 22. 110.
- [6] Haerang Choi et al. 2020. Reducing DRAM refresh power consumption by runtime profiling of retention time and dual-row activation. *MICPRO* 72 (2020).
- [7] Jia Deng et al. 2009. Imagenet: A large-scale hierarchical image database. In 2009 IEEE conference on computer vision and pattern recognition. Ieee, 248–255.
- [8] Pietro Frigo et al. 2020. TRRespass: Exploiting the many sides of target row refresh. In SP. IEEE, 747-762.
- [9] Daniel Gruss et al. 2018. Another flip in the wall of rowhammer defenses. In SP. IEEE, 245–261.
- [10] Hasan Hassan et al. 2021. Uncovering in-dram rowhammer protection mechanisms: A new methodology, custom rowhammer patterns, and implications. In *MICRO*. 1198–1213.
- [11] Kaiming He, Xiangyu Zhang, Shaoqing Ren, and Jian Sun. 2015. Delving deep into rectifiers: Surpassing human-level performance on imagenet classification. In *ICCV*. 1026–1034.
- [12] Sanghyun Hong et al. 2019. Terminal Brain Damage: Exposing the Graceless Degradation in Deep Neural Networks Under Hardware Fault Attacks.. In USENIX. 497–514.
- [13] Patrick Jattke et al. 2022. Blacksmith: Scalable rowhammering in the frequency domain. In SP. IEEE, 716–734.
- [14] Marcin Kaczmarski. 2014. Thoughts on intel xeon e5-2600 v2 product family performance optimisation-component selection guidelines.
- [15] Dae-Hyun Kim et al. 2014. Architectural support for mitigating row hammering in DRAM memories. *IEEE CAL* 14, 1 (2014), 9-12.
- [16] Jeremie S Kim et al. 2020. Revisiting rowhammer: An experimental analysis of modern dram devices and mitigation techniques. In ISCA. IEEE, 638–651.
- [17] Michael Jaemin Kim et al. 2022. Mithril: Cooperative row hammer protection on commodity dram leveraging managed refresh. In HPCA. IEEE, 1156–1169.
- [18] Yoongu Kim et al. 2014. Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors. ACM SIGARCH Computer Architecture News 42, 3 (2014), 361–372.
- [19] Alex Krizhevsky, Vinod Nair, and Geoffrey Hinton. 2014. The CIFAR-10 dataset. online: http://www.cs. toronto. edu/kriz/cifar. html 55 (2014).
- [20] Eojin Lee et al. 2019. TWiCe: Preventing row-hammering by exploiting time window counters. In ISCA. 385–396.
- [21] Moritz Lipp et al. 2020. Nethammer: Inducing rowhammer faults through network requests. In *EuroS&PW*. IEEE, 710–719.
  [22] Michele Marazzi et al. 2022. Protrr: Principled vet optimal in-dram target row
- [22] Michele Marazzi et al. 2022. Front: Frincipled yet optimal in-dram target row refresh. In SP. IEEE, 735–753.
  [23] Michele Marazzi et al. 2023. REGA: Scalable Rowhammer Mitigation with Refresh-
- [23] Michele Marazzi et al. 2023. REGA: Scalable Rowhammer Mitigation with Refresh-Generating Activations. In SP. IEEE.
- [24] Onur Mutlu and Jeremie S Kim. 2019. Rowhammer: A retrospective. IEEE TCAD 39 (2019).
- [25] Ataberk Olgun et al. 2023. DRAM Bender: An Extensible and Versatile FPGAbased Infrastructure to Easily Test State-of-the-art DRAM Chips. TCAD (2023).
- [26] Yeonhong Park et al. 2020. Graphene: Strong yet lightweight row hammer protection. In MICRO. IEEE, 1–13.
- [27] Moinuddin Qureshi et al. 2022. Hydra: enabling low-overhead mitigation of row-hammer at ultra-low thresholds via hybrid tracking. In *ISCA*.
- [28] Adnan Siraj Rakin et al. 2019. Bit-flip attack: Crushing neural network with progressive bit search. In *ICCV*, 1211–1220.
- [29] Mark Seaborn and Thomas Dullien. 2015. Exploiting the DRAM rowhammer bug to gain kernel privileges. *Black Hat* 15 (2015), 71.
  [30] Seved Mohammad Sevedzadeh et al. 2016. Counter-based tree structure for row
- [30] Seyed Mohammad Seyedzadeh et al. 2016. Counter-based tree structure for row hammering mitigation in DRAM. CAL 16 (2016).
- [31] Seyed Mohammad Seyedzadeh et al. 2018. Mitigating wordline crosstalk using adaptive trees of counters. In ISCA. IEEE, 612–623.
- [32] Mungyu Son et al. 2017. Making DRAM stronger against row hammering. In DAC. 1–6.
- [33] Jeonghyun Woo et al. 2022. Scalable and Secure Row-Swap: Efficient and Safe Row Hammer Mitigation in Memory Systems. preprint arXiv:2212.12613 (2022).
- [34] Fan Yao et al. 2020. Deephammer: Depleting the intelligence of deep neural networks through targeted chain of bit flips. In USENIX.
- [35] Ranyang Zhou et al. 2022. LT-PIM: An LUT-Based Processing-in-DRAM Architecture With RowHammer Self-Tracking. *IEEE Computer Architecture Letters* 21, 2 (2022), 141–144.
- [36] Ranyang Zhou et al. 2022. ReD-LUT: Reconfigurable in-DRAM LUTs enabling massive parallel computation. In Proceedings of the 41st IEEE/ACM International Conference on Computer-Aided Design. 1–8.
- [37] Ranyang Zhou et al. 2023. DNN-Defender: An in-DRAM Deep Neural Network Defense Mechanism for Adversarial Weight Attack. arXiv preprint arXiv:2305.08034 (2023).
- [38] Ranyang Zhou et al. 2023. DRAM-Locker: A General-Purpose DRAM Protection Mechanism against Adversarial DNN Weight Attacks. arXiv preprint arXiv:2312.09027 (2023).
- [39] Ranyang Zhou et al. 2023. P-pim: A parallel processing-in-dram framework enabling row hammer protection. In DATE. IEEE, 1–6.