Abstract
The Rowhammer effect is a disturbance error in DRAM that attackers can trigger from software. The first publication on Rowhammer in 2014 evaluated 129 Dual In-line Memory Modules (DIMMs) on an FPGA and showed that 110 DIMMs are affected, indicating that Rowhammer is a widespread issue. However, until now, no case outside of academia is known in which Rowhammer was used for attacks, indicating a stark discrepancy between the attention Rowhammer receives and its real-world relevance.
This paper systematically analyzes 32 offensive Rowhammer papers, including 48 experiments. We avoid finger-pointing and instead identify six threats to the validity and relevance of Rowhammer research results, giving multiple examples. The threats include small sample sizes, overestimated attacker capabilities, unrealistic attack scenarios, non-comparability of the results, age and wear of hardware, and sub-optimal attack performance metrics. Additionally, we provide recommendations with detailed justification to the scientific community to mitigate those threats: (1) pre-experimental testing of DIMM integrity, (2) increasing and broadening the DIMM sample size, (3) expanding reproduction studies of published work, (4) defining attacks in real-world conditions and distinguishing them from theoretical ones, (5) publishing DIMM manufacturing data, (6) documenting DIMM wear, and (7) leveraging multiple metrics for bit flip evaluations.
| Original language | English |
|---|---|
| Title of host publication | Computer Security – ESORICS 2025 |
| Subtitle of host publication | 30th European Symposium on Research in Computer Security, Toulouse, France, September 22–24, 2025, Proceedings, Part III |
| Editors | Vincent Nicomette, Abdelmalek Benzekri, Nora Boulahia-Cuppens, Jaideep Vaidya |
| Publisher | Springer, Cham |
| Pages | 204–223 |
| Number of pages | 20 |
| ISBN (Electronic) | 978-3-032-07894-0 |
| ISBN (Print) | 978-3-032-07893-3 |
| Publication status | Published - 18 Oct 2025 |
| Event | 30th European Symposium on Research in Computer Security, ESORICS 2025 - Toulouse, France. Duration: 22 Sept 2025 → 24 Sept 2025 |
Publication series
| Name | Lecture Notes in Computer Science |
|---|---|
| Volume | 16055 LNCS |
| ISSN (Print) | 0302-9743 |
| ISSN (Electronic) | 1611-3349 |
Conference
| Conference | 30th European Symposium on Research in Computer Security, ESORICS 2025 |
|---|---|
| Abbreviated title | ESORICS 25 |
| Country/Territory | France |
| City | Toulouse |
| Period | 22/09/25 → 24/09/25 |
Keywords
- Rowhammer
- Research Validity
- SoK
ASJC Scopus subject areas
- Computer Science (miscellaneous)
Fields of Expertise
- Information, Communication & Computing
Fingerprint
Dive into the research topics of 'Epistemology of Rowhammer Attacks: Threats to Rowhammer Research Validity'. Together they form a unique fingerprint.
Projects
- 1 Finished
- FWF - NeRAM - Next-Generation Rowhammer Attacks and Mitigations
  Gruss, D. (Project manager on research unit)
  1/12/22 → 30/11/25
  Project: Research project