Abstract
We present a low-overhead ransomware-proof SSD, called RansomBlocker (RBlocker). RBlocker provides 100% full protections against all possible ransomware attacks by delaying every data deletion until no attack is guaranteed. To reduce storage overheads of the delayed deletion, RBlocker employs a time-out based backup policy. Based on the fact that ransomware must store encrypted version of target files, early deletions of obsolete data are allowed if no encrypted write was detected for a short interval. Otherwise, RBlocker keeps the data for an interval long enough to guarantee no attack condition. For an accurate in-line detection of encrypted writes, we leverages entropy- and CNN-based detectors in an integrated fashion. Our experimental results show that RBlocker can defend all types of ransomware attacks with negligible overheads.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 56th Annual Design Automation Conference 2019, DAC 2019 |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| ISBN (Electronic) | 9781450367257 |
| DOIs | |
| State | Published - 2 Jun 2019 |
| Event | 56th Annual Design Automation Conference, DAC 2019 - Las Vegas, United States Duration: 2 Jun 2019 → 6 Jun 2019 |
Publication series
| Name | Proceedings - Design Automation Conference |
|---|---|
| ISSN (Print) | 0738-100X |
Conference
| Conference | 56th Annual Design Automation Conference, DAC 2019 |
|---|---|
| Country/Territory | United States |
| City | Las Vegas |
| Period | 2/06/19 → 6/06/19 |
Bibliographical note
Publisher Copyright:© 2019 Association for Computing Machinery.