期刊文献+

固态硬盘安全风险分析与攻击实验

Attack Experiment and Analysis for SSD Security Risks
下载PDF
导出
摘要 为了研究固态硬盘由于闪存转换层植入恶意代码引起的安全风险,分类分析了五种安全风险,包括:数据盗取、数据销毁、拒绝服务、攻击主机和性能下降.同时研究了这类恶意代码的作用机理和可能的形式,根据触发条件和攻击负载进行了分类.通过编写恶意代码并植入到固态硬盘中,在Windows平台上成功实施了攻击实验,实现了固态硬盘拒绝服务和数据销毁.实验结果表明,这类固态硬盘安全风险确实存在,向固态硬盘中植入恶意代码的攻击手段十分隐蔽,用户难以发觉.最后,针对这类固态硬盘安全风险,提出了一种简单有效的防御对策。 In order to analyze solid state drive (SSD)security risks caused by malicious code in the flash translation layer (FTL),we classify them into five kinds of risks,including data stealing,data destruction,denial of service, attack host and performance reduction.We also analyze this kind of malicious code about its action mechanism and possible forms,and classify malicious code based on its trigger and attack load.We design malicious code and inject it into SSD,implement attack experiment on Windows platform successfully.Attacks result in SSD denial of service and data destruction.Experiment results show that this kind of SSD security risks is real problem and injecting malicious code into SSD can be very imperceptible,SSD users are unable to aware of it.At last we propose a simple and effective countermeasure for this kind of SSD security risks.
作者 刘政林 陈小强 刘文超 郑怡恺 邹雪城 LIU Zheng-lin;CHEN Xiao-qiang;LIU Wen-chao;ZHENG Yi-kai;ZOU Xue-cheng(School of Optical and Electronic Information,Huazhong University of Science and Technology,Wuhan 430074,China)
出处 《微电子学与计算机》 CSCD 北大核心 2018年第12期16-20,26,共6页 Microelectronics & Computer
基金 国家自然科学基金(61376026)
关键词 固态硬盘 闪存转换层 恶意代码 安全风险 攻击实验 solid state drive (SSD) flash translation layer (FTL) malicious code security risks attack experiment
  • 相关文献

参考文献2

二级参考文献40

  • 1景为平,徐晨,陈海进.AES密码算法的结构优化与实现[J].微电子学与计算机,2007,24(2):36-38. 被引量:13
  • 2Birrell A,Isard M,Thacker C,et al. A Design for High-Performance Flash Disks[J]. Operating Systems Review, 2007,41(2):88-93.
  • 3McGrew D,Viega J. Arbitrary Block Length(ABL) Mode:Security without Data Expansion[EB/OL]. [2010-09-28]. http:// grouper.ieee.org/groups/1619/email/pdfO0005.pdf.
  • 4Daemen J,Rijmen V. AES Proposal:Rijndael[EB/OL]. [2010-09-28]. http://www.cryptosoft.de/docs/Rijndael.pdf.
  • 5Stefan T,Feldhofer M,Popp T,et al. Area,Delay,and Power Characteristics of Standard-Cell Implementations of the AES S-Box[J]. Journal of Signal Processing System, 2006,50(2):251-261.
  • 6Wolkerstorfer J,Oswald E,Lamberger M. An ASIC Implementation of the AES S-boxes[C]//C Boyd ed. ASIACRYPT 2001. Berlin Heidelberg:Springer-Verlag, 2001:239-254.
  • 7Or Malley O, Zhang K, Radia S, et al. Hadoop security design. Sunnyvale, USA: Yahoo Inc. , Tech Report, 2009.
  • 8Kim S, Oh H, Park C, et aL Fast, energy efficient scan inside flash memory SSDs//Proceedings of the International Workshop on Accelerating Data Management Systems (ADMS). Seattle, USA, 2011.
  • 9Do J, Kee Y S, Patel J M, et al. Query processing on smart SSDs: Opportunities and challenges//Proceedings of the 2013 ACM International Conference on Management of Data (SIGMOD'13). New York, USA, 2013:1221-1230.
  • 10Kang Y, Kee Y, Miller E L, et al. Enabling cost-effective data processing with smart SSD//Proceedings of the 29th IEEE Symposium on Mass Storage Systems and Technologies (MSST'13). Long Beach, USA, 2013:1-12.

共引文献12

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部