Publications

2025

1. Arxiv

   PrisonBreak: Jailbreaking Large Language Models with at Most Twenty-Five Targeted Bit-flips

   Zachary Coalson, Jeonghyun Woo, Chris S. Lin, Joyce Qu, Yu Sun, Shiyang Chen, Lishan Yang, Gururaj Saileshwar, Prashant J. Nair, Bo Fang, and Sanghyun Hong

   In Submission, 2025

   arXiv

   

2026

1. ISCA

   Loaded Dices: Solving the Non-Selection Problem for Scalable Probabilistic RowHammer Defense

   Jeonghyun Woo^*, Junsu Kim^*, Aamer Jaleel, and Prashant J. Nair

   In 53rd Annual International Symposium on Computer Architecture (ISCA), 2026

   Bib

   @inproceedings{woo_isca26_prism,
     title = {Loaded Dices: Solving the Non-Selection Problem for Scalable Probabilistic RowHammer Defense},
     author = {Woo, Jeonghyun and Kim, Junsu and Jaleel, Aamer and Nair, Prashant J.},
     booktitle = {53rd Annual International Symposium on Computer Architecture (ISCA)},
     year = {2026},
   }

2025

1. ISCA

   When Mitigations Backfire: Timing Channel Attacks and Defense for PRAC-Based RowHammer Mitigations

   Jeonghyun Woo, Joyce Qu, Gururaj Saileshwar, and Prashant J. Nair

   In 52nd Annual International Symposium on Computer Architecture (ISCA), 2025

   Artifact Evaluated: Available, Functional, Reproduced

   Abs DOI arXiv Bib PDF Code Slides

   

   Per Row Activation Counting (PRAC) has emerged as a robust framework for mitigating RowHammer (RH) vulnerabilities in modern DRAM systems. However, we uncover a critical vulnerability: a timing channel introduced by the Alert Back-Off (ABO) protocol and Refresh Management (RFM) commands. We present PRACLeak, a novel attack that exploits these timing differences to leak sensitive information, such as secret keys from vulnerable AES implementations, by monitoring memory access latencies.To counter this, we propose Timing-Safe PRAC (TPRAC), a defense that eliminates PRAC-induced timing channels without compromising RH mitigation efficacy. TPRAC uses Timing-Based RFMs, issued periodically and independent of memory activity. It requires only a single-entry in-DRAM mitigation queue per DRAM bank and is compatible with existing DRAM standards. Our evaluations demonstrate that TPRAC closes timing channels while incurring only 3.4% performance overhead at the RH threshold of 1024.

   @inproceedings{woo_isca25_prac_timing_channel,
     title = {When Mitigations Backfire: Timing Channel Attacks and Defense for PRAC-Based RowHammer Mitigations},
     author = {Woo, Jeonghyun and Qu, Joyce and Saileshwar, Gururaj and Nair, Prashant J.},
     booktitle = {52nd Annual International Symposium on Computer Architecture (ISCA)},
     year = {2025},
     isbn = {9798400712616},
     publisher = {Association for Computing Machinery},
     address = {New York, NY, USA},
     url = {https://doi.org/10.1145/3695053.3731007},
     doi = {10.1145/3695053.3731007},
     pages = {739–756},
     numpages = {18},
     keywords = {DRAM, RowHammer, Timing Channel, Security, PRAC, RFM},
     series = {ISCA '25},
   }

2. HPCA

   QPRAC: Towards Secure and Practical PRAC-based Rowhammer Mitigation using Priority Queues

   Jeonghyun Woo, Shaopeng (Chris) Lin, Prashant J. Nair, Aamer Jaleel, and Gururaj Saileshwar

   In 31st International Symposium on High-Performance Computer Architecture (HPCA), 2025

   Distinguished Artifact Award 🏅

   Artifact Evaluated: Available, Functional, Reproduced

   Abs DOI arXiv Bib PDF Code Slides

   

   JEDEC has introduced the Per Row Activation Counting (PRAC) framework for DDR5 and future DRAMs to enable precise counting of DRAM row activations. PRAC enables a holistic mitigation of Rowhammer attacks even at ultra-low Rowhammer thresholds. PRAC uses an Alert Back-Off (ABO) protocol to request the memory controller to issue Rowhammer mitigation requests. However, recent PRAC implementations are either insecure or impractical. For example, Panopticon, the inspiration for PRAC, is rendered insecure if implemented per JEDEC’s PRAC specification. On the other hand, the recent UPRAC proposal is impractical since it needs oracular knowledge of the ‘top-N’ activated DRAM rows that require mitigation. This paper provides the first secure, scalable, and practical RowHammer solution using the PRAC framework. The crux of our proposal is the design of a priority-based service queue (PSQ) for mitigations that prioritizes pending mitigations based on activation counts to avoid the security risks of prior solutions. This provides principled security using the reactive ABO protocol. Furthermore, we co-design our PSQ, with opportunistic mitigation on Refresh Management (RFM) operations and proactive mitigation during refresh (REF), to limit the performance impact of ABO-based mitigations. QPRAC provides secure and practical RowHammer mitigation that scales to Rowhammer thresholds as low as 71 while incurring a 0.8% slowdown for benign workloads, which further reduces to 0% with proactive mitigations.

   @inproceedings{QPRAC,
     title = {QPRAC: Towards Secure and Practical PRAC-based Rowhammer Mitigation using Priority Queues},
     author = {Woo, Jeonghyun and Lin, Shaopeng (Chris) and Nair, Prashant J. and Jaleel, Aamer and Saileshwar, Gururaj},
     booktitle = {31st International Symposium on High-Performance Computer Architecture (HPCA)},
     year = {2025},
     pages = {1021-1037},
     keywords = {Hands;Protocols;Prevention and mitigation;Random access memory;Computer architecture;Security;Proposals;Guidelines;dram;reliability;security;rowhammer;per row activation counting},
     doi = {10.1109/HPCA61900.2025.00080},
   }

3. HPCA

   DAPPER: A Performance-Attack-Resilient Tracker for RowHammer Defense

   Jeonghyun Woo and Prashant J. Nair

   In 31st International Symposium on High-Performance Computer Architecture (HPCA), 2025

   Abs DOI arXiv Bib PDF Slides

   

   RowHammer vulnerabilities pose a significant threat to modern DRAM-based systems, where rapid activation of DRAM rows can induce bit-flips in neighboring rows. To mitigate this, state-of-the-art host-side RowHammer mitigations typically rely on shared counters or tracking structures. While these optimizations benefit benign applications, they are vulnerable to Performance Attacks (Perf-Attacks), where adversaries exploit shared structures to reduce DRAM bandwidth for co-running benign applications by increasing DRAM accesses for RowHammer counters or triggering repetitive refreshes required for the early reset of structures, significantly degrading performance. In this paper, we propose secure hashing mechanisms to thwart adversarial attempts to capture the mapping of shared structures. We propose DAPPER, a novel low-cost tracker resilient to Perf-Attacks even at ultra-low RowHammer thresholds. We first present a secure hashing template in the form of DAPPER-S. We then develop DAPPER-H, an enhanced version of DAPPER-S, incorporating double-hashing, novel reset strategies, and mitigative refresh techniques. Our security analysis demonstrates the effectiveness of DAPPER-H against both RowHammer and Perf-Attacks. Experiments with 57 workloads from SPEC2006, SPEC2017, TPC, Hadoop, MediaBench, and YCSB show that, even at an ultra-low RowHammer threshold of 500, DAPPER-H incurs only a 0.9% slowdown in the presence of Perf-Attacks while using only 96KB of SRAM per 32GB of DRAM memory.

   @inproceedings{DAPPER,
     title = {DAPPER: A Performance-Attack-Resilient Tracker for RowHammer Defense},
     author = {Woo, Jeonghyun and Nair, Prashant J.},
     booktitle = {31st International Symposium on High-Performance Computer Architecture (HPCA)},
     year = {2025},
     pages = {1005-1020},
     keywords = {Prevention and mitigation;Random access memory;Bandwidth;Computer architecture;Benchmark testing;Security;Optimization;security;reliability;dram;rowhammer;randomization;dos;performance attacks},
     doi = {10.1109/HPCA61900.2025.00079},
   }

2023

1. HPCA

   Scalable and Secure Row-Swap: Efficient and Safe Row Hammer Mitigation in Memory Systems

   Jeonghyun Woo, Gururaj Saileshwar, and Prashant J. Nair

   In 29th International Symposium on High-Performance Computer Architecture (HPCA), 2023

   Best Paper Award 🏅 (One of Two Best Papers in 364 Submissions)

   Artifact Evaluated: Available, Functional, Reproduced

   Abs DOI arXiv Bib PDF Code Slides

   

   As Dynamic Random Access Memories (DRAM) scale, they are becoming increasingly susceptible to Row Hammer. By rapidly activating rows of DRAM cells (aggressor rows), attackers can exploit inter-cell interference through Row Hammer to flip bits in neighboring rows (victim rows). A recent work, called Randomized Row-Swap (RRS), proposed proactively swapping aggressor rows with randomly selected rows before an aggressor row can cause Row Hammer. Our paper observes that RRS is neither secure nor scalable. We first propose the ‘Juggernaut attack pattern’ that breaks RRS in under 1 day. Juggernaut exploits the fact that the mitigative action of RRS, a swap operation, can itself induce additional target row activations, defeating such a defense. Second, this paper proposes a new defense Secure Row-Swap mechanism that avoids the additional activations from swap (and unswap) operations and protects against Juggernaut. Furthermore, this paper extends Secure Row-Swap with attack detection to defend against even future attacks. While this provides better security, it also allows for securely reducing the frequency of swaps, thereby enabling Scalable and Secure Row-Swap. The Scalable and Secure Row-Swap mechanism provides years of Row Hammer protection with 3.3X lower storage overheads as compared to the RRS design. It incurs only a 0.7% slowdown as compared to a not-secure baseline for a Row Hammer threshold of 1200.

   @inproceedings{scale-srs,
     title = {Scalable and Secure Row-Swap: Efficient and Safe Row Hammer Mitigation in Memory Systems},
     author = {Woo, Jeonghyun and Saileshwar, Gururaj and Nair, Prashant J.},
     booktitle = {29th International Symposium on High-Performance Computer Architecture (HPCA)},
     year = {2023},
     pages = {374-389},
     keywords = {Correlation;Memory management;Random access memory;System-on-chip;Security;Intercell interference},
     doi = {10.1109/HPCA56546.2023.10070999},
   }

2021

1. ICCD

   HammerFilter: Robust Protection and Low Hardware Overhead Method for RowHammer

   Kwangrae Kim, Jeonghyun Woo, Junsu Kim, and Ki-Seok Chung

   In 39th International Conference on Computer Design (ICCD), 2021

   Abs DOI Bib PDF Video Slides

   

   The continuous scaling-down of the dynamic random access memory (DRAM) manufacturing process has made it possible to improve DRAM density. However, it makes small DRAM cells susceptible to electromagnetic interference between nearby cells. Unless DRAM cells are adequately isolated from each other, the frequent switching access of some cells may lead to unintended bit flips in adjacent cells. This phenomenon is commonly referred to as RowHammer. It is often considered a security issue because unusually frequent accesses to a small set of rows generated by malicious attacks can cause bit flips. Such bit flips may also be caused by general applications. Although several solutions have been proposed, most approaches either incur excessive area overhead or exhibit limited prevention capabilities against maliciously crafted attack patterns. Therefore, the goals of this study are (1) to mitigate RowHammer, even when the number of aggressor rows increases and attack patterns become complicated, and (2) to implement the method with a low area overhead.We propose a robust hardware-based protection method for RowHammer attacks with a low hardware cost called HammerFilter, which employs a modified version of the counting bloom filter. It tracks all attacking rows efficiently by leveraging the fact that the counting bloom filter is a space-efficient data structure, and we add an operation, HALF-DELETE, to mitigate the energy overhead. According to our experimental results, the proposed method can completely prevent bit flips when facing artificially crafted attack patterns (five patterns in our experiments), whereas state-of-the-art probabilistic solutions can only mitigate less than 56% of bit flips on average. Furthermore, the proposed method has a much lower area cost compared to existing counter-based solutions (40.6× better than TWiCe and 2.3× better than Graphene).

   @inproceedings{kim2021hammerfilter,
     title = {HammerFilter: Robust Protection and Low Hardware Overhead Method for RowHammer},
     author = {Kim, Kwangrae and Woo, Jeonghyun and Kim, Junsu and Chung, Ki-Seok},
     booktitle = {39th International Conference on Computer Design (ICCD)},
     year = {2021},
     pages = {212-219},
     doi = {10.1109/ICCD53106.2021.00043},
     issn = {2576-6996},
   }

2025

1. DRAMSec

   Counterpoint: One-Hot Counting for PRAC-Based RowHammer Mitigation

   Shih-Lien Lu, Jeonghyun Woo, and Prashant J. Nair

   In Fifth Workshop on DRAM Security (DRAMSec), co-located with ISCA 2025, 2025

   Abs PDF

   

   Dynamic Random-Access Memory (DRAM) continues to scale to smaller nodes to increase memory capacity. However, at sub-20nm scales, repeated activations of adjacent rows can cause unintended charge leakage in neighboring cells, resulting in the well-known security vulnerability known as RowHammer. To mitigate this, the JEDEC DDR5 standard introduces Per-Row Activation Counting (PRAC), which enables precise tracking of row activations by adding a dedicated counter to each DRAM row. PRAC allows DRAM to request mitigation from the memory controller when any counter exceeds a critical threshold. While effective, the current PRAC implementation incurs significant performance overhead. Each row activation requires a Read-Modify-Write (RMW) operation to update the corresponding counter, leading to substantial timing delays and slowdowns of up to 18%. Previous work has attempted to alleviate this by decoupling counter updates and leveraging subarray-level parallelism to hide the overhead. However, these designs suffer from high area costs due to the added latches, wires, and control logic. To address this, we propose a high-performance PRAC implementation based on One-Hot Encoding, which eliminates RMW operations, ensures precise activation counting, and reduces hardware complexity, thereby significantly lowering both performance and implementation overheads compared to existing solutions.

2. DRAMSec

   CnC-PRAC: Coalesce, not Cache, Per Row Activation Counts for an Efficient in-DRAM Rowhammer Mitigation

   Chris S. Lin, Jeonghyun Woo, Prashant J. Nair, and Gururaj Saileshwar

   In Fifth Workshop on DRAM Security (DRAMSec), co-located with ISCA 2025, 2025

   Abs arXiv PDF

   

   JEDEC has introduced the Per Row Activation Counting (PRAC) framework for DDR5 and future DRAMs to enable precise counting of DRAM row activations using per-row activation counts. While recent PRAC implementations enable holistic mitigation of Rowhammer attacks, they impose slowdowns of up to 10% due to the increased DRAM timings for performing a read-modify-write of the counter. Alternatively, recent work, Chronus, addresses these slowdowns, but incurs energy overheads due to the additional DRAM activations for counters. In this paper, we propose CnC-PRAC, a PRAC implementation that addresses both performance and energy overheads. Unlike prior works focusing on caching activation counts to reduce their overheads, our key idea is to reorder and coalesce accesses to activation counts located in the same physical row. Our design achieves this by decoupling counter access from the critical path of data accesses. This enables optimizations such as buffering counter read-modify-write requests and coalescing requests to the same row. Together, these enable a reduction in row activations for counter accesses by almost 75%-83% compared to state-of-the-art solutions like Chronus and enable a PRAC implementation with negligible slowdown and a minimal dynamic energy overhead of 0.84%-1% compared to insecure DDR5 DRAM.

2021

1. DAC

   HammerFilter: Robust Protection and Low Hardware Overhead Method for Row-Hammering

   Kwangrae Kim, Junsu Kim, Jeonghyun Woo, and Ki-Seok Chung

   In 58th ACM/IEEE Design Automation Conference (DAC), 2021

   Poster

2019

1. KICS

   A Method to Find the Optimal Probability for Probability-driven Additional Row Refresh to Prevent DRAM Row Hammering

   Jeonghyun Woo and Ki-Seok Chung

   In The Korean Institute of Communications and Information Sciences Winter Conference, 2019

2017

1. KICS

   Implementation of an FPGA-based CNN Accelerator using SDSoC

   Changwoo Lee^*, Jeonghyun Woo^*, and Ki-Seok Chung

   In The Korean Institute of Communications and Information Sciences Fall Conference, 2017

   Code