Illinois researchers add 'time-travel' feature to drives to fight ransomware attacks

May 29, 2019

One of the latest cyber threats involves hackers encrypting user files and then charging "ransom" to get them back. In the paper, "Project Almanac: A Time-Traveling Solid State Drive," University of Illinois students Chance Coats and Xiaohao Wang and Assistant Professor Jian Huang from the Coordinated Science Laboratory look at how they can use the commodity storage devices already in a computer, to save the files without having to pay the ransom.

"The paper explains how we leverage properties of flash-based storage that currently exist in most laptops, desktops, mobiles, and even IoT devices" said Coats, a graduate student in electrical and computer engineering (ECE). "The motivation was a class of malware called ransomware, where hackers will take your files, encrypt them, delete the unencrypted files and then demand money to give the files back."

The flash-based, solid-state drives Coats mentioned are part of the storage system in most computers. When a file is modified on the computer, rather than getting rid of the old file version immediately, the solid-state drive saves the updated version to a new location. Those old versions are the key to thwarting ransomware attacks. If there is an attack, the tool discussed in the paper can be used to revert to a previous version of the file. The tool would also help in the case of a user accidentally deleting one of their own files.

Like any new tool, there is a trade-off.

"When you want to write new data, it has to be saved to a free block, or block that has already been erased," said Coats. "Normally a solid-state drive would delete old versions in an effort to erase blocks in advance, but because our drive is keeping the old versions intentionally, it may have to move the old versions before writing new ones."

Coats described this as a trade-off between retention duration and storage performance. If the parameters of their new tool are set to maintain data for too long, old and unnecessary versions will be kept and take up space on the storage device. As the device fills with old file versions, the system takes longer to respond to typical storage requests and performance degrades. On the other hand, if the parameters are set to a retention window that is too narrow, users would have a quicker response time, but they may not have all of their backup files saved should a malware attack take place.

To manage this trade-off, Huang and his students built in functionality for the tool to monitor and adjust these parameters dynamically. Despite the dynamic changes to system parameters, their tool guarantees data will be retained for at least three days. This allows users the option to backup their data onto other systems within the guaranteed time-period if they choose to do so.

The idea behind their tool has gained interest at an international level. The paper about this research was published at a top-tier system conference, EuroSys, this past spring. Coats represented the group at the conference.

"Our research group really enjoys building practical computer systems; this is a great practice for our students, they will experience how our research will generate real-world impact," said Huang, an assistant professor of electrical and computer engineering at Illinois. "Moving forward, our group will look at the possibility of retaining user data in a storage device for a much longer time with lower performance overhead, and applying the time-traveling solid-state drive to wider applications such as systems debugging and digital forensics."
-end-


University of Illinois College of Engineering

Related Data Articles from Brightsurf:

Keep the data coming
A continuous data supply ensures data-intensive simulations can run at maximum speed.

Astronomers are bulging with data
For the first time, over 250 million stars in our galaxy's bulge have been surveyed in near-ultraviolet, optical, and near-infrared light, opening the door for astronomers to reexamine key questions about the Milky Way's formation and history.

Novel method for measuring spatial dependencies turns less data into more data
Researcher makes 'little data' act big through, the application of mathematical techniques normally used for time-series, to spatial processes.

Ups and downs in COVID-19 data may be caused by data reporting practices
As data accumulates on COVID-19 cases and deaths, researchers have observed patterns of peaks and valleys that repeat on a near-weekly basis.

Data centers use less energy than you think
Using the most detailed model to date of global data center energy use, researchers found that massive efficiency gains by data centers have kept energy use roughly flat over the past decade.

Storing data in music
Researchers at ETH Zurich have developed a technique for embedding data in music and transmitting it to a smartphone.

Life data economics: calling for new models to assess the value of human data
After the collapse of the blockchain bubble a number of research organisations are developing platforms to enable individual ownership of life data and establish the data valuation and pricing models.

Geoscience data group urges all scientific disciplines to make data open and accessible
Institutions, science funders, data repositories, publishers, researchers and scientific societies from all scientific disciplines must work together to ensure all scientific data are easy to find, access and use, according to a new commentary in Nature by members of the Enabling FAIR Data Steering Committee.

Democratizing data science
MIT researchers are hoping to advance the democratization of data science with a new tool for nonstatisticians that automatically generates models for analyzing raw data.

Getting the most out of atmospheric data analysis
An international team including researchers from Kanazawa University used a new approach to analyze an atmospheric data set spanning 18 years for the investigation of new-particle formation.

Read More: Data News and Data Current Events
Brightsurf.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.