Amoeba: An Autonomous Backup and Recovery SSD for Ransomware Attack Defense
- Authors
- 이중희
- Issue Date
- Dec-2018
- Publisher
- IEEE COMPUTER SOC
- Citation
- IEEE COMPUTER ARCHITECTURE LETTERS, v.17, no.2, pp.243 - 246
- Indexed
- SCIE
SCOPUS
- Journal Title
- IEEE COMPUTER ARCHITECTURE LETTERS
- Volume
- 17
- Number
- 2
- Start Page
- 243
- End Page
- 246
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/139709
- ISSN
- 1556-6056
- Abstract
- Ransomware is one of growing concerns in enterprise and government organizations, because it may cause financial damages or loss of important data. Although there are techniques to detect and prevent ransomware, an evolved ransomware may evade them because they are based on monitoring known behaviors. Ransomware can be mitigated if backup copies of data are retained in a safe place. However, existing backup solutions may be under ransomware's control and an intelligent ransomware may destroy backup copies too. They also incur overhead to storage space, performance and network traffic (in case of remote backup). In this paper, we propose an SSD system that supports automated backup, called Amoeba. In particular, Amoeba is armed with a hardware accelerator that can detect the infection of pages by ransomware attacks at high speed and a fine-grained backup control mechanism to minimize space overhead for original data backup. For evaluation, we extended the Microsoft SSD simulator to implement Amoeba and evaluated it using the realistic block-level traces, which are collected while running the actual ransomware. According to our experiments, Amoeba has negligible overhead and outperforms in performance and space efficiency over the state-of-the-art SSD, FlashGuard, which supports da
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - School of Cyber Security > Department of Information Security > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.