SoK: Systematizing a Decade of Architectural RowHammer Defenses Through the Lens of Streaming Algorithms
Michael Jaemin Kim, Seungmin Baek, Jumin Kim, Hwayong Nam, Nam Sung Kim, Jung Ho Ahn
TL;DR
The paper tackles the FRQ problem of evolving RowHammer risks in DRAM as technology scales, introducing a systematic view that treats RH defenses through the lens of streaming algorithms. It builds a taxonomy that maps 48 architectural defenses to classical streaming techniques, and provides two practitioner guides: one to select the best algorithm for a given RH threat model and hardware context, and another to encourage designing defenses by consulting existing algorithmic foundations. Through case studies, it reveals overlooked connections (e.g., Reservoir-Sampling and Sticky-Sampling) and demonstrates how algorithmic insights can improve security guarantees and efficiency. The work offers concrete guidance for designers to balance area, energy, and security as RH thresholds tighten, and it highlights CXL, sliding windows, anomaly detection, and spatial variation as avenues for future integration. Overall, the SoK clarifies the landscape, unifies disparate defenses under a common framework, and informs the development of low-overhead, provably secure RowHammer mitigations.
Abstract
A decade after its academic introduction, RowHammer (RH) remains a moving target that continues to challenge both the industry and academia. With its potential to serve as a critical attack vector, the ever-decreasing RH threshold now threatens DRAM process technology scaling, with a superlinearly increasing cost of RH protection solutions. Due to their generality and relatively lower performance costs, architectural RH solutions are the first line of defense against RH. However, the field is fragmented with varying views of the problem, terminologies, and even threat models. In this paper, we systematize architectural RH defenses from the last decade through the lens of streaming algorithms. We provide a taxonomy that encompasses 48 different works. We map multiple architectural RH defenses to the classical streaming algorithms, which extends to multiple proposals that did not identify this link. We also provide two practitioner guides. The first guide analyzes which algorithm best fits a given RHTH, location, process technology, storage type, and mitigative action. The second guide encourages future research to consult existing algorithms when architecting RH defenses. We illustrate this by demonstrating how Reservoir-Sampling can improve related RH defenses, and also introduce StickySampling that can provide mathematical security that related studies do not guarantee.