Physical Memory Attacks and a Memory Safe Management System for Memory Defense

Alon Hillel-Tuch, Aspen Olmstead
DOI: https://doi.org/10.48550/arXiv.2403.08656
2024-03-14
Abstract: Programming errors, defective hardware components (such as hard disk spindle defects), and environmental hazards can lead to invalid memory operations. In addition, less predictable forms of environmental stress, such as radiation, thermal influence, and energy fluctuations, can induce hardware faults. Sometimes, a soft error can occur instead of a complete failure, such as a bit-flip. The 'natural' factors that can cause bit-flips are replicable through targeted attacks that result in significant compromises, including full privileged system access. Existing physical defense solutions have consistently been circumvented shortly after deployment. We will explore the concept of a novel software-based low-level layer that can protect vulnerable memory targeted by physical attack vectors related to bit-flip vulnerabilities.
Cryptography and Security, Operating Systems
What problem does this paper attempt to address?
The problem that this paper attempts to solve is the threat of physical memory attacks (such as RowHammer and Blacksmith attacks) to the security of computer systems, especially memory errors caused by hardware failures (such as bit-flips). Existing physical defense solutions are easily bypassed, and hardware-level error-detection and -correction mechanisms (such as ECC memory) have limited protection capabilities in the face of complex attacks. Specifically, the paper mainly focuses on the following issues:

1. **Memory errors caused by hardware failures and environmental factors**:
   - Programming errors, hardware defects (such as hard-disk spindle defects), and environmental hazards (such as radiation, temperature effects, and energy fluctuations) may lead to invalid memory operations.
   - Bit-flip is a common soft error, which may be caused by natural factors or targeted attacks, resulting in serious consequences such as system privilege escalation.
2. **Limitations of existing physical defense solutions**:
   - Existing physical defense measures are quickly bypassed after deployment and cannot effectively resist complex attacks.
   - Although ECC memory can detect and correct some naturally occurring memory errors, it has limited protection capabilities in the face of complex attacks such as RowHammer.
3. **Challenges of software solutions**:
   - Software-level memory error-detection and -correction schemes can provide more comprehensive protection, but usually increase computational overhead and space complexity.
   - Current software solutions do not distinguish between critical and non-critical data, resulting in a decline in overall performance.
To solve these problems, the paper proposes a new software-based low-level layer (Memory Safe Management System, MSMS), aiming to protect memory areas vulnerable to physical attacks by priority scheduling and selectively applying memory integrity algorithms, thereby improving system security and reducing computational overhead.

### Formula representation

- **Single-bit error probability**: \[ P_{\text{bitflip}} = 1.6\times10^{-5} \]
- **Error rate per megabyte of memory**: \[ E_{\text{failures per MB}} = 7.5\pm1.5 \]

These formulas are used to simulate the probability of hardware-failure introduction in experiments.

### Summary

The core problem of the paper is to develop a new method that can effectively resist physical memory attacks, providing a more flexible and efficient memory protection mechanism by combining the advantages of software and hardware, especially in consumer-level hardware environments.
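
The selective protection described above for MSMS can be sketched as follows. This is an added example, not code from the paper: it guards only regions marked critical and injects simulated faults at the page's bit-flip probability. Assumptions: the probability is read as independent per bit, CRC-32 stands in for the unnamed integrity algorithm, and the region names and 1 MiB sizes are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define P_BITFLIP 1.6e-5   /* page's value; read here as a per-bit probability (assumption) */

typedef struct { uint8_t *base; size_t len; int critical; uint32_t guard; } region_t;

static uint8_t key_page[1 << 20], cache_page[1 << 20];   /* hypothetical regions */
static region_t regs[] = { { key_page,   sizeof key_page,   1, 0 },    /* critical: guarded */
                           { cache_page, sizeof cache_page, 0, 0 } };  /* non-critical: skipped */
enum { NREGS = sizeof regs / sizeof regs[0] };

/* Bitwise CRC-32 (reflected polynomial 0xEDB88320); stand-in integrity algorithm. */
static uint32_t crc32_ieee(const uint8_t *p, size_t n) {
    uint32_t c = 0xFFFFFFFFu;
    while (n--) {
        c ^= *p++;
        for (int k = 0; k < 8; k++) c = (c >> 1) ^ (0xEDB88320u & (0u - (c & 1u)));
    }
    return ~c;
}

static uint32_t rng = 0x9E3779B9u;          /* fixed seed: reproducible fault pattern */
static uint32_t xorshift32(void) { rng ^= rng << 13; rng ^= rng >> 17; rng ^= rng << 5; return rng; }

/* Simulated hardware fault: flip each bit independently with P_BITFLIP. Returns flip count. */
static size_t inject_faults(uint8_t *buf, size_t len) {
    const uint32_t threshold = (uint32_t)(P_BITFLIP * 4294967296.0);
    size_t flips = 0;
    for (size_t bit = 0; bit < len * 8; bit++)
        if (xorshift32() < threshold) { buf[bit >> 3] ^= (uint8_t)(1u << (bit & 7)); flips++; }
    return flips;
}

/* Record a guard for critical regions only; returns how many regions were guarded. */
static int seal_all(void) {
    int sealed = 0;
    for (int i = 0; i < NREGS; i++)
        if (regs[i].critical) { regs[i].guard = crc32_ieee(regs[i].base, regs[i].len); sealed++; }
    return sealed;
}

/* Re-check guarded regions; returns how many critical regions no longer match. */
static int scan(void) {
    int bad = 0;
    for (int i = 0; i < NREGS; i++)
        if (regs[i].critical && crc32_ieee(regs[i].base, regs[i].len) != regs[i].guard) bad++;
    return bad;
}

int main(void) {
    size_t flips = 0;
    seal_all();
    for (int i = 0; i < NREGS; i++) flips += inject_faults(regs[i].base, regs[i].len);
    printf("bits flipped: %zu, critical regions flagged: %d\n", flips, scan());
    return 0;
}
```

A CRC only detects corruption; correcting it would need an error-correcting code or a redundant copy of the critical region.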