
Abstract:
As ransomware attacks have been prevalent, it becomes crucial to make anti-ransomware solutions that defend against ransomwares. In this article, we propose a new ransomware defense system, called SSD-Insider++ , which prevents users’ files from being damaged by ransomware attacks. SSD-Insider++ is embedded into an SSD controller as a form of firmware. By being separated from a host machine, it not only provides more robust data protection than software-based ones which are vulnerable to evasion attacks, but also offers interoperability with various platforms. SSD-Insider++ is composed of two novel features, ransomware detection and perfect data recovery, which are tightly integrated with each other. The detection algorithm observes I/O patterns of a host system and decides whether the host is being attacked by ransomwares in an early stage. Once an encryption attack is detected, the recovery algorithm is triggered to recover original files by leveraging a delayed deletion feature of an SSD at a low cost. Our experimental results show that SSD-Insider++ achieves high accuracy of detecting ransomwares with 0 percent FRR/FAR in most cases and provides an instant data recovery with 0 percent data loss. The overhead of running SSD-Insider++ is negligible – only 80 n s and 226 n s are spent more for handling 4-KB reads and writes, respectively.
Fachartikel

Sind alle Konvergenzen gleich?

Erhöhte Cloud-Sicherheit mit Saviynt und AWS IAM Access Analyzer

Ja, es gibt sie!! Eine Lösung zur Abwehr von Ransomware!

So sichern Unternehmen ihre MFA-Workflows gegen die neuesten Cyberangriffe

Eine Festung im Datenmeer: Cloud-Immutabilität als Schild gegen Ransomware-Bedrohungen
Studien

Studie von BlueVoyant zeigt: Cyberangriffe auf die Lieferkette wirken sich weiterhin negativ auf Unternehmen weltweit aus

Deutschland weltweit einziges Land mit schrumpfender Cyber-Belegschaft bei wachsendem Personalbedarf

Neue Trellix-Studie deckt auf: 63 Prozent der weltweiten CISOs nach Cyber-Attacke erneut betroffen

Studie: Fehlende Rechtssicherheit für Big Data und KI
