摘要
为了缓解局域网中勒索软件造成的影响,文章提出了一种基于固态硬盘(SSD)的防范技术,将部署大容量SSD的主机作为服务器,利用网络驱动器映射技术分享给局域网中的其他主机。文章利用固态存储设备数据非原位更新、修改垃圾回收等策略进行数据备份,提出二分查找法进行数据恢复。原型系统实验结果显示,文中方案可以快速有效地恢复被勒索软件攻击的数据,并且对SSD读写性能的影响很小。
In order to alleviate the impact of ransomware in LAN,this paper proposes a SSD-based defense technology,which uses a host with a large-capacity SSD as a server,and uses network drive mapping technology to share with other hosts in the LAN to further utilize the solid state.Moreover,this paper utilized the out-of-place of the SSD and modified garbage collection for data backup,and a binary search method is proposed for data recovery.The experimental results of the prototype system show that this scheme can recover the data attacked by the ransomware quickly and effectively,and its impact of the read and write performance is samll.
作者
殷明
贾世杰
YIN Ming;JIA Shijie(First Research Institute of the Ministry of Public Security of PRC,Beijing 100048,China;State Key Laboratory of Information Security,Institute of Information Engineering,CAS,Beijing 100195,China;Data Assurance and Communication Security Research Center,CAS,Beijing 100195,China)
出处
《信息网络安全》
CSCD
北大核心
2019年第9期71-75,共5页
Netinfo Security
