Leveraging em side-channel information to detect rowhammer attacks

Zhenkai Zhang, Zihao Zhan, Daniel Balasubramanian, Bo Li, Peter Volgyesi, Xenofon Koutsoukos

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

13 Scopus citations


The rowhammer bug belongs to software-induced hardware faults, and has been exploited to form a wide range of powerful rowhammer attacks. Yet, how to effectively detect such attacks remains a challenging problem. In this paper, we propose a novel approach named RADAR (Rowhammer Attack Detection via A Radio) that leverages certain electromagnetic (EM) signals to detect rowhammer attacks. In particular, we have found that there are recognizable hammering-correlated sideband patterns in the spectrum of the DRAM clock signal. As such patterns are inevitable physical side effects of hammering the DRAM, they can "expose"any potential rowhammer attacks including the extremely elusive ones hidden inside encrypted and isolated environments like Intel SGX enclaves. However, the patterns of interest may become unapparent due to the common use of spread-spectrum clocking (SSC) in computer systems. We propose a de-spreading method that can reassemble the hammering-correlated sideband patterns scattered by SSC. Using a common classification technique, we can achieve both effective and robust detection-based defense against rowhammer attacks, as evaluated on a RADAR prototype under various scenarios. In addition, our RADAR does not impose any performance overhead on the protected system. There has been little prior work that uses physical side-channel information to perform rowhammer defenses, and to the best of our knowledge, this is the first investigation on leveraging EM side-channel information for this purpose.

Original languageEnglish
Title of host publicationProceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages18
ISBN (Electronic)9781728134970
StatePublished - May 2020
Event41st IEEE Symposium on Security and Privacy, SP 2020 - San Francisco, United States
Duration: May 18 2020May 21 2020

Publication series

NameProceedings - IEEE Symposium on Security and Privacy
ISSN (Print)1081-6011


Conference41st IEEE Symposium on Security and Privacy, SP 2020
Country/TerritoryUnited States
CitySan Francisco


Dive into the research topics of 'Leveraging em side-channel information to detect rowhammer attacks'. Together they form a unique fingerprint.

Cite this