October 08, 2018
Modern storage systems have been developed for decades with the security-critical foundation provided by operating system (OS). However, they are still vulnerable to malware attacks and software defects. Adversaries can obtain the OS kernel privilege or leverage software vulnerabilities to bypass, terminate or destroy current malware detection and defense systems. For instance, encryption ransomware accounts for more than half of all malware attacks today, but current software-based defense systems often fail to enable the victims to say no to ransom collectors. Therefore, it is natural to utilize hardware techniques which have been proven effective in defending against malware attacks.
This project focuses on building the next-generation secure storage systems with exploring the hardware properties of Flash to provide a zero-data-loss recovery capability. First, we aim to defend against the biggest threat – encryption ransomware – by investigating its new and emerging attack models and developing an anti- ransomware storage that has the capability of accomplishing the automated data recovery in devices. Second, this project will extend the anti-ransomware storage and propose a hardware-assisted time-traveling storage to further enhance the data integrity and vulnerability analysis. This hardware-assisted time-traveling property could be applied tor storage forensics for generating broader impact in honor of its capability of building trusted evidence chain for storage operations even in the face of anti-forensic attacks. Third, project will develop an evaluation framework to evaluate the storage security, performance, energy, and device lifetime of various storage mediums on different computing platforms that include enterprise storage systems with our proposed innovations.