'Time-travel' feature added to drives to fight ransomware attacks

ScienceDaily | 5/29/2019 | Staff
cute16 (Posted by) Level 3
"The paper explains how we leverage properties of flash-based storage that currently exist in most laptops, desktops, mobiles, and even IoT devices" said Coats, a graduate student in electrical and computer engineering (ECE). "The motivation was a class of malware called ransomware, where hackers will take your files, encrypt them, delete the unencrypted files and then demand money to give the files back."

The flash-based, solid-state drives Coats mentioned are part of the storage system in most computers. When a file is modified on the computer, rather than getting rid of the old file version immediately, the solid-state drive saves the updated version to a new location. Those old versions are the key to thwarting ransomware attacks. If there is an attack, the tool discussed in the paper can be used to revert to a previous version of the file. The tool would also help in the case of a user accidentally deleting one of their own files.

Tool - Trade-off

Like any new tool, there is a trade-off.

"When you want to write new data, it has to be saved to a free block, or block that has already been erased," said Coats. "Normally a solid-state drive would delete old versions in an effort to erase blocks in advance, but because our drive is keeping the old versions intentionally, it may have to move the old versions before writing new ones."

Coats - Trade-off - Retention - Duration - Storage

Coats described this as a trade-off between retention duration and storage performance. If the parameters of their new tool are set to maintain data for too long,...
(Excerpt) Read more at: ScienceDaily
Wake Up To Breaking News!
Sign In or Register to comment.

Welcome to Long Room!

Where The World Finds Its News!