Litcius/Paper detail

RSSD: defend against ransomware with hardware-isolated network-storage codesign and post-attack analysis

Benjamin Reidys, Peng Liu, Jian Huang

202226 citationsDOI

Abstract

Encryption ransomware has become a notorious malware. It encrypts user data on storage devices like solid-state drives (SSDs) and demands a ransom to restore data for users. To bypass existing defenses, ransomware would keep evolving and performing new attack models. For instance, we identify and validate three new attacks, including (1) garbage-collection (GC) attack that exploits storage capacity and keeps writing data to trigger GC and force SSDs to release the retained data; (2) timing attack that intentionally slows down the pace of encrypting data and hides its I/O patterns to escape existing defense; (3) trimming attack that utilizes the trim command available in SSDs to physically erase data.

Topics & Concepts

Computer scienceRansomwareComputer securityExploitMalwareEncryptionCryptographyComputer networkOperating systemEmbedded systemAdvanced Data Storage TechnologiesSecurity and Verification in ComputingAdvanced Malware Detection Techniques