A list of resources for the topics covered in the m0leCon 2023 talk Rowhammer Revisited: From Exploration to Exploitation and Mitigation.
- Flipping bits in memory without accessing them: an experimental study of DRAM disturbance errors first Rowhammer paper also introduces PARA
- RowHammer: A Retrospective overview of the last years of Rowhammer research
- Drammer: Deterministic Rowhammer Attacks on Mobile Platforms exploits Rowhammer on phones
- Flip Feng Shui: Hammering a Needle in the Software Stack introduces the RSA modulus hammering attack
- One Bit Flips, One Cloud Flops: Cross-VM Row Hammer Attacks and Privilege Escalation Vm attacks with Rowhammer
- Exploiting the DRAM rowhammer bug to gain kernel privileges presentation that introduces the page table exploit
- Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript shows that Rowhammer is possible for a javascript envoirement in the browser
- Throwhammer: Rowhammer Attacks over the Network and Defenses Rowhammer attacks by sending packets to network controllers
- Another Flip in the Wall of Rowhammer Defenses introduces single location hammering, also introduces sudo exploit
- Terminal Brain Damage: Exposing the Graceless Degradation in Deep Neural Networks Under Hardware Fault Attacks performance dedradation attacks on neural networks using Rowhammer
- Uncovering In-DRAM RowHammer Protection Mechanisms: A New Methodology, Custom RowHammer Patterns, and Implications reverse engineers and bypasses the TRR mitigation
- Exploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks shows ECC DRAM is also vulnerable to Rowhammer
- TRRespass: Exploiting the Many Sides of Target Row Refresh fuzzer to bypass TRR
- BLACKSMITH: Scalable Rowhammering in the Frequency Domain general fuzzing to find new hammering patterns
- REGA: Scalable Rowhammer Mitigation with Refresh-Generating Activations REGA in DRAM mitigation
- CSI:Rowhammer – Cryptographic Security and Integrity against Rowhammer CIS:Rowhammer mitigation
- Google Rowhammer Tester Rowhammer tester
- CMU-SAFARI Rowhammer Tester Rowhammer tester
- rowhammer.js Rowhammer from the browser
- drammer Rowhammer on mobile phones
- Blacksmith Rowhammer fuzzer
- Trrespass Rowhammer fuzzer to break TRR
- DRAMA Reverse engineering for DRAM functions
- Hammertime Profile based simulator for Rowhammer
- Hammulator simulating Rowhammer exploits for rapid prototyping
- A Rowhammer Reproduction Study Using the Blacksmith Fuzzer tests fuzzing reproducibility and stability of Rowhammer bitflips
- Hammulator: Simulate Now - Exploit Later fast prototyping for new Rowhammer exploits using full system emulation