Forensic Issues and Techniques to Improve Security in SSD with Flex Capacity Feature

12/20/2021
by   Na-Young Ahn, et al.
0

Over-provisioning technology is typically introduced as a means to improve the performance of storage systems, such as databases. The over-provisioning area is both hidden and difficult for normal users to access. This paper focuses on attack models for such hidden areas. Malicious hackers use advanced over-provisioning techniques that vary capacity according to workload, and as such, our focus is on attack models that use variable over-provisioning technology. According to these attack models, it is possible to scan for invalid blocks containing original data or malware code that is hidden in the over-provisioning area. In this paper, we outline the different forensic processes performed for each memory cell type of the over-provisioning area and disclose security enhancement techniques that increase immunity to these attack models. This leads to a discussion of forensic possibilities and countermeasures for SSDs that can change the over-provisioning area. We also present information-hiding attacks and information-exposing attacks on the invalidation area of the SSD. Our research provides a good foundation upon which the performance and security of SSD-based databases can be further improved.

READ FULL TEXT
research
01/20/2020

A Secure and Smart Framework for Preventing Ransomware Attack

Nowadays security is major concern for any user connected to the interne...
research
06/18/2019

Is Robust Design-for-Security Robust Enough? Attack on Locked Circuits with Restricted Scan Chain Access

The security of logic locking has been called into question by various a...
research
09/11/2020

Semantic-preserving Reinforcement Learning Attack Against Graph Neural Networks for Malware Detection

To address the costs of reverse engineering and signature extraction, ad...
research
02/04/2021

The Discrepancy Attack on Polyshard-ed Blockchains

Sharding, i.e. splitting the miners or validators to form and run severa...
research
08/02/2022

Security of IoT Device: Perspective Forensic/Anti-Forensic Issues on Invalid Area of NAND Flash Memory

NAND flash memory-based IoT device can potentially still leave behind or...
research
12/25/2017

Secure Network Code for Adaptive and Active Attacks with No-Randomness in Intermediate Nodes

We analyze the security for network code when the eavesdropper can conta...
research
06/10/2018

Steganography Security: Principle and Practice

This paper focuses on several theoretical issues and principles in stega...

Please sign up or login with your details

Forgot password? Click here to reset