FP-Rowhammer: DRAM-Based Device Fingerprinting

Title of the Talk: FP-Rowhammer: DRAM-Based Device Fingerprinting
Speakers: Kaustav Goswami
Host Faculty: Dr.Shirshendu Das
Date: Nov 06, 2025
Time: 10:00 am
Venue: CS-605

Abstract: Device fingerprinting leverages attributes that capture heterogeneity in hardware and software configurations to extract unique and stable fingerprints. Fingerprinting countermeasures attempt to either present a uniform fingerprint across different devices through normalization or present different fingerprints for the same device each time through obfuscation. We proposed FP-Rowhammer, a Rowhammer-based device fingerprinting approach that can build unique and stable fingerprints even across devices with normalized or obfuscated hardware and software configurations. To this end, FP-Rowhammer leverages the DRAM manufacturing process variation that gives rise to unique distributions of Rowhammer-induced bit flips across different DRAM modules. Our evaluation on a test bed of 98 DRAM modules shows that FP-Rowhammer achieves 99.91% fingerprinting accuracy. FP-Rowhammer’s fingerprints are also stable, with no degradation in fingerprinting accuracy over a period of ten days. We also demonstrate that FP-Rowhammer is efficient, taking less than five seconds to extract a fingerprint. FP-Rowhammer is the first Rowhammer fingerprinting approach to extract unique and stable fingerprints efficiently and at scale.

Bio: Kaustav Goswami a graduate student at the University of California, Davis who works as a graduate student researcher in the DArchR Research Group, led by Prof. Jason Lowe-Power. Previously, he completed his undergrad (B. Tech) at the Indian Institute of Information Technology Guwahati (IIIT-G) in Computer Science and Engineering degree. His research interest and experience lie in the domain of computer architecture, especially memory devices and simulators. He believes this is an amazing time to work on memory sub-systems, mainly because these devices are slow, but also, these devices aren’t as secure as we previously imagined. His current research is focused on protecting address spaces in shared disaggregated memory and understanding the implications of the memory security vulnerability called the rowhammer bug. He also regularly contributes to the gem5 repository.