Publications

2025

Arxiv

PrisonBreak: Jailbreaking Large Language Models with at Most Twenty-Five Targeted Bit-flips

Zachary Coalson, Jeonghyun Woo, Chris S. Lin, Joyce Qu, Yu Sun, Shiyang Chen, Lishan Yang, Gururaj Saileshwar, Prashant J. Nair, Bo Fang, and Sanghyun Hong

In Submission, 2025

arXiv

2025

ISCA
When Mitigations Backfire: Timing Channel Attacks and Defense for PRAC-Based RowHammer Mitigations

Jeonghyun Woo, Joyce Qu, Gururaj Saileshwar, and Prashant J. Nair

In 52nd Annual International Symposium on Computer Architecture (ISCA), 2025

Artifact Evaluated: Available, Functional, Reproduced

Abs DOI arXiv Bib PDF Code Slides

Per Row Activation Counting (PRAC) has emerged as a robust framework for mitigating RowHammer (RH) vulnerabilities in modern DRAM systems. However, we uncover a critical vulnerability: a timing channel introduced by the Alert Back-Off (ABO) protocol and Refresh Management (RFM) commands. We present PRACLeak, a novel attack that exploits these timing differences to leak sensitive information, such as secret keys from vulnerable AES implementations, by monitoring memory access latencies.To counter this, we propose Timing-Safe PRAC (TPRAC), a defense that eliminates PRAC-induced timing channels without compromising RH mitigation efficacy. TPRAC uses Timing-Based RFMs, issued periodically and independent of memory activity. It requires only a single-entry in-DRAM mitigation queue per DRAM bank and is compatible with existing DRAM standards. Our evaluations demonstrate that TPRAC closes timing channels while incurring only 3.4% performance overhead at the RH threshold of 1024.
@inproceedings{woo_isca25_prac_timing_channel, title = {When Mitigations Backfire: Timing Channel Attacks and Defense for PRAC-Based RowHammer Mitigations}, author = {Woo, Jeonghyun and Qu, Joyce and Saileshwar, Gururaj and Nair, Prashant J.}, booktitle = {52nd Annual International Symposium on Computer Architecture (ISCA)}, year = {2025}, isbn = {9798400712616}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/3695053.3731007}, doi = {10.1145/3695053.3731007}, pages = {739–756}, numpages = {18}, keywords = {DRAM, RowHammer, Timing Channel, Security, PRAC, RFM}, series = {ISCA '25}, }
HPCA
QPRAC: Towards Secure and Practical PRAC-based Rowhammer Mitigation using Priority Queues

Jeonghyun Woo, Shaopeng (Chris) Lin, Prashant J. Nair, Aamer Jaleel, and Gururaj Saileshwar

In 31st International Symposium on High-Performance Computer Architecture (HPCA), 2025

Distinguished Artifact Award 🏅

Artifact Evaluated: Available, Functional, Reproduced

Abs DOI arXiv Bib PDF Code Slides

JEDEC has introduced the Per Row Activation Counting (PRAC) framework for DDR5 and future DRAMs to enable precise counting of DRAM row activations. PRAC enables a holistic mitigation of Rowhammer attacks even at ultra-low Rowhammer thresholds. PRAC uses an Alert Back-Off (ABO) protocol to request the memory controller to issue Rowhammer mitigation requests. However, recent PRAC implementations are either insecure or impractical. For example, Panopticon, the inspiration for PRAC, is rendered insecure if implemented per JEDEC’s PRAC specification. On the other hand, the recent UPRAC proposal is impractical since it needs oracular knowledge of the ‘top-N’ activated DRAM rows that require mitigation. This paper provides the first secure, scalable, and practical RowHammer solution using the PRAC framework. The crux of our proposal is the design of a priority-based service queue (PSQ) for mitigations that prioritizes pending mitigations based on activation counts to avoid the security risks of prior solutions. This provides principled security using the reactive ABO protocol. Furthermore, we co-design our PSQ, with opportunistic mitigation on Refresh Management (RFM) operations and proactive mitigation during refresh (REF), to limit the performance impact of ABO-based mitigations. QPRAC provides secure and practical RowHammer mitigation that scales to Rowhammer thresholds as low as 71 while incurring a 0.8% slowdown for benign workloads, which further reduces to 0% with proactive mitigations.
@inproceedings{QPRAC, title = {QPRAC: Towards Secure and Practical PRAC-based Rowhammer Mitigation using Priority Queues}, author = {Woo, Jeonghyun and Lin, Shaopeng (Chris) and Nair, Prashant J. and Jaleel, Aamer and Saileshwar, Gururaj}, booktitle = {31st International Symposium on High-Performance Computer Architecture (HPCA)}, year = {2025}, pages = {1021-1037}, keywords = {Hands;Protocols;Prevention and mitigation;Random access memory;Computer architecture;Security;Proposals;Guidelines;dram;reliability;security;rowhammer;per row activation counting}, doi = {10.1109/HPCA61900.2025.00080}, }
HPCA
DAPPER: A Performance-Attack-Resilient Tracker for RowHammer Defense

Jeonghyun Woo, and Prashant J. Nair

In 31st International Symposium on High-Performance Computer Architecture (HPCA), 2025

Abs DOI arXiv Bib PDF Slides

RowHammer vulnerabilities pose a significant threat to modern DRAM-based systems, where rapid activation of DRAM rows can induce bit-flips in neighboring rows. To mitigate this, state-of-the-art host-side RowHammer mitigations typically rely on shared counters or tracking structures. While these optimizations benefit benign applications, they are vulnerable to Performance Attacks (Perf-Attacks), where adversaries exploit shared structures to reduce DRAM bandwidth for co-running benign applications by increasing DRAM accesses for RowHammer counters or triggering repetitive refreshes required for the early reset of structures, significantly degrading performance. In this paper, we propose secure hashing mechanisms to thwart adversarial attempts to capture the mapping of shared structures. We propose DAPPER, a novel low-cost tracker resilient to Perf-Attacks even at ultra-low RowHammer thresholds. We first present a secure hashing template in the form of DAPPER-S. We then develop DAPPER-H, an enhanced version of DAPPER-S, incorporating double-hashing, novel reset strategies, and mitigative refresh techniques. Our security analysis demonstrates the effectiveness of DAPPER-H against both RowHammer and Perf-Attacks. Experiments with 57 workloads from SPEC2006, SPEC2017, TPC, Hadoop, MediaBench, and YCSB show that, even at an ultra-low RowHammer threshold of 500, DAPPER-H incurs only a 0.9% slowdown in the presence of Perf-Attacks while using only 96KB of SRAM per 32GB of DRAM memory.
@inproceedings{DAPPER, title = {DAPPER: A Performance-Attack-Resilient Tracker for RowHammer Defense}, author = {Woo, Jeonghyun and Nair, Prashant J.}, booktitle = {31st International Symposium on High-Performance Computer Architecture (HPCA)}, year = {2025}, pages = {1005-1020}, keywords = {Prevention and mitigation;Random access memory;Bandwidth;Computer architecture;Benchmark testing;Security;Optimization;security;reliability;dram;rowhammer;randomization;dos;performance attacks}, doi = {10.1109/HPCA61900.2025.00079}, }

2023

HPCA
Scalable and Secure Row-Swap: Efficient and Safe Row Hammer Mitigation in Memory Systems

Jeonghyun Woo, Gururaj Saileshwar, and Prashant J. Nair

In 29th International Symposium on High-Performance Computer Architecture (HPCA), 2023

Best Paper Award 🏅 (One of Two Best Papers in 364 Submissions)

Artifact Evaluated: Available, Functional, Reproduced

Abs DOI arXiv Bib PDF Code Slides

As Dynamic Random Access Memories (DRAM) scale, they are becoming increasingly susceptible to Row Hammer. By rapidly activating rows of DRAM cells (aggressor rows), attackers can exploit inter-cell interference through Row Hammer to flip bits in neighboring rows (victim rows). A recent work, called Randomized Row-Swap (RRS), proposed proactively swapping aggressor rows with randomly selected rows before an aggressor row can cause Row Hammer. Our paper observes that RRS is neither secure nor scalable. We first propose the ‘Juggernaut attack pattern’ that breaks RRS in under 1 day. Juggernaut exploits the fact that the mitigative action of RRS, a swap operation, can itself induce additional target row activations, defeating such a defense. Second, this paper proposes a new defense Secure Row-Swap mechanism that avoids the additional activations from swap (and unswap) operations and protects against Juggernaut. Furthermore, this paper extends Secure Row-Swap with attack detection to defend against even future attacks. While this provides better security, it also allows for securely reducing the frequency of swaps, thereby enabling Scalable and Secure Row-Swap. The Scalable and Secure Row-Swap mechanism provides years of Row Hammer protection with 3.3X lower storage overheads as compared to the RRS design. It incurs only a 0.7% slowdown as compared to a not-secure baseline for a Row Hammer threshold of 1200.
@inproceedings{scale-srs, title = {Scalable and Secure Row-Swap: Efficient and Safe Row Hammer Mitigation in Memory Systems}, author = {Woo, Jeonghyun and Saileshwar, Gururaj and Nair, Prashant J.}, booktitle = {29th International Symposium on High-Performance Computer Architecture (HPCA)}, year = {2023}, pages = {374-389}, keywords = {Correlation;Memory management;Random access memory;System-on-chip;Security;Intercell interference}, doi = {10.1109/HPCA56546.2023.10070999}, }

2021

ICCD
HammerFilter: Robust Protection and Low Hardware Overhead Method for RowHammer

Kwangrae Kim, Jeonghyun Woo , Junsu Kim, and Ki-Seok Chung

In 39th International Conference on Computer Design (ICCD), 2021

Abs DOI Bib PDF Video Slides

The continuous scaling-down of the dynamic random access memory (DRAM) manufacturing process has made it possible to improve DRAM density. However, it makes small DRAM cells susceptible to electromagnetic interference between nearby cells. Unless DRAM cells are adequately isolated from each other, the frequent switching access of some cells may lead to unintended bit flips in adjacent cells. This phenomenon is commonly referred to as RowHammer. It is often considered a security issue because unusually frequent accesses to a small set of rows generated by malicious attacks can cause bit flips. Such bit flips may also be caused by general applications. Although several solutions have been proposed, most approaches either incur excessive area overhead or exhibit limited prevention capabilities against maliciously crafted attack patterns. Therefore, the goals of this study are (1) to mitigate RowHammer, even when the number of aggressor rows increases and attack patterns become complicated, and (2) to implement the method with a low area overhead.We propose a robust hardware-based protection method for RowHammer attacks with a low hardware cost called HammerFilter, which employs a modified version of the counting bloom filter. It tracks all attacking rows efficiently by leveraging the fact that the counting bloom filter is a space-efficient data structure, and we add an operation, HALF-DELETE, to mitigate the energy overhead. According to our experimental results, the proposed method can completely prevent bit flips when facing artificially crafted attack patterns (five patterns in our experiments), whereas state-of-the-art probabilistic solutions can only mitigate less than 56% of bit flips on average. Furthermore, the proposed method has a much lower area cost compared to existing counter-based solutions (40.6× better than TWiCe and 2.3× better than Graphene).
@inproceedings{kim2021hammerfilter, title = {HammerFilter: Robust Protection and Low Hardware Overhead Method for RowHammer}, author = {Kim, Kwangrae and Woo, Jeonghyun and Kim, Junsu and Chung, Ki-Seok}, booktitle = {39th International Conference on Computer Design (ICCD)}, year = {2021}, pages = {212-219}, doi = {10.1109/ICCD53106.2021.00043}, issn = {2576-6996}, }

2025

DRAMSec

Counterpoint: One-Hot Counting for PRAC-Based RowHammer Mitigation

Shih-Lien Lu, Jeonghyun Woo, and Prashant J. Nair

In Fifth Workshop on DRAM Security (DRAMSec), co-located with ISCA 2025, 2025

Abs PDF

Dynamic Random-Access Memory (DRAM) continues to scale to smaller nodes to increase memory capacity. However, at sub-20nm scales, repeated activations of adjacent rows can cause unintended charge leakage in neighboring cells, resulting in the well-known security vulnerability known as RowHammer. To mitigate this, the JEDEC DDR5 standard introduces Per-Row Activation Counting (PRAC), which enables precise tracking of row activations by adding a dedicated counter to each DRAM row. PRAC allows DRAM to request mitigation from the memory controller when any counter exceeds a critical threshold. While effective, the current PRAC implementation incurs significant performance overhead. Each row activation requires a Read-Modify-Write (RMW) operation to update the corresponding counter, leading to substantial timing delays and slowdowns of up to 18%. Previous work has attempted to alleviate this by decoupling counter updates and leveraging subarray-level parallelism to hide the overhead. However, these designs suffer from high area costs due to the added latches, wires, and control logic. To address this, we propose a high-performance PRAC implementation based on One-Hot Encoding, which eliminates RMW operations, ensures precise activation counting, and reduces hardware complexity, thereby significantly lowering both performance and implementation overheads compared to existing solutions.
DRAMSec

CnC-PRAC: Coalesce, not Cache, Per Row Activation Counts for an Efficient in-DRAM Rowhammer Mitigation

Chris S. Lin, Jeonghyun Woo, Prashant J. Nair, and Gururaj Saileshwar

In Fifth Workshop on DRAM Security (DRAMSec), co-located with ISCA 2025, 2025

Abs arXiv PDF

JEDEC has introduced the Per Row Activation Counting (PRAC) framework for DDR5 and future DRAMs to enable precise counting of DRAM row activations using per-row activation counts. While recent PRAC implementations enable holistic mitigation of Rowhammer attacks, they impose slowdowns of up to 10% due to the increased DRAM timings for performing a read-modify-write of the counter. Alternatively, recent work, Chronus, addresses these slowdowns, but incurs energy overheads due to the additional DRAM activations for counters. In this paper, we propose CnC-PRAC, a PRAC implementation that addresses both performance and energy overheads. Unlike prior works focusing on caching activation counts to reduce their overheads, our key idea is to reorder and coalesce accesses to activation counts located in the same physical row. Our design achieves this by decoupling counter access from the critical path of data accesses. This enables optimizations such as buffering counter read-modify-write requests and coalescing requests to the same row. Together, these enable a reduction in row activations for counter accesses by almost 75%-83% compared to state-of-the-art solutions like Chronus and enable a PRAC implementation with negligible slowdown and a minimal dynamic energy overhead of 0.84%-1% compared to insecure DDR5 DRAM.

2021

DAC

HammerFilter: Robust Protection and Low Hardware Overhead Method for Row-Hammering

Kwangrae Kim , Junsu Kim, Jeonghyun Woo, and Ki-Seok Chung

In 58th ACM/IEEE Design Automation Conference (DAC), 2021

Poster

2019

KICS

A Method to Find the Optimal Probability for Probability-driven Additional Row Refresh to Prevent DRAM Row Hammering

Jeonghyun Woo, and Ki-Seok Chung

In The Korean Institute of Communications and Information Sciences Winter Conference, 2019

2017

KICS

Implementation of an FPGA-based CNN Accelerator using SDSoC

Changwoo Lee^*, Jeonghyun Woo^*, and Ki-Seok Chung

In The Korean Institute of Communications and Information Sciences Fall Conference, 2017

Code

Preprints and Under Review

2025

Conferences

2025

2023

2021

Workshop and Posters

2025

2021

Domestic (Korean) Conferences

2019

2017