The first systematization of knowledge (SoK) paper from our group will be published at IEEE S&P 2026 (47th IEEE Symposium on Security and Privacy)!

In the paper, we tried to categorize a good volume of architectural defenses against RowHammer attacks through the lens of streaming algorithms. As we wrote in the paper, the domain-level connection between streaming algorithms and RowHammer defense was previously identified in the Graphene paper, which I contributed as a co-author. We extended this understanding, mapping the majority of the existing RowHammer protection to the relevant algorithms.

The paper consists of the following three primary contributions:

1. We first categorized the architectural RowHammer solutions into three types; tracker-based, tracker-less, and cooperative.
2. We offered guides in choosing the most suitable algorithm for given circumstances.
3. We provided case studies of several prior RowHammer defenses and their corresponding algorithms, revealing previously unrecognized connections.

I am really proud of my former student, Dr. Michael Jaemin Kim at Meta, for his heroic efforts to turn my pure wish into his thesis chapter, and then into an IEEE S&P paper, which showcases his dedication over several years in the research around RowHammer mitigation solutions. Kudos to Michael and my coauthors: Seungmin Baek, Jumin Kim, Hwayong Nam, and Nam Sung Kim!

Title

SoK: Systematizing a Decade of Architectural RowHammer Defenses Through the Lens of Streaming Algorithms

Authors

Michael Jaemin Kim, Seungmin Baek, Jumin Kim, Hwayong Nam, Nam Sung Kim, and Jung Ho Ahn

Abstract

A decade after its academic introduction, RowHammer (RH) remains a moving target that continues to challenge both the industry and academia. With its potential to serve as a critical attack vector, the ever-decreasing RH threshold now threatens DRAM process technology scaling, with a superlinearly increasing cost of RH protection solutions. Due to their generality and relatively lower performance costs, architectural RH solutions are the first line of defense against RH. However, the field is fragmented with varying views of the problem, terminologies, and even threat models. In this paper, we systematize architectural RH defenses from the last decade through the lens of streaming algorithms. We provide a taxonomy that encompasses 48 different works. We map multiple architectural RH defenses to the classical streaming algorithms, which extends to multiple proposals that did not identify this link. We also provide two practitioner guides. The first guide analyzes which algorithm best fits a given RH_TH, location, process technology, storage type, and mitigative action. The second guide encourages future research to consult existing algorithms when architecting RH defenses. We illustrate this by demonstrating how Reservoir-Sampling can improve related RH defenses, and also introduce StickySampling that can provide mathematical security that related studies do not guarantee.