The UMBC Cyber Defense Lab presents
Ransomware is crippling industry and government alike. Paying the ransom doesn’t guarantee you’ll get your files back, but it funds the criminals who will continue on. Restoring from traditional network backups takes time, and never gets you back to the system you had before the attack. In response, we have developed a resilient, local malware restore and recovery capability, capable of quickly restoring OS images onto “bare metal” after an attack or misconfiguration, useful for many applications.
I will discuss the technical details, including a description of the Opal hard drive specification, the Trusted Computing Group’s Trusted Platform Module (TPM), and how we secure secrets needed for WUBU – Wake-Up-Back-Up. I’ll talk through some of the open-source technologies that we used to build our solution. WebEx willing, I will give a live demonstration of a ShinoLocker ransomware infection, followed by an “as if nothing ever happened” recovery that takes only ten minutes.
Russ Fink is a senior staff member at the Johns Hopkins University / Applied Physics Laboratory. His research interests include computational private information retrieval, trusted computing applications, applied cryptography, and enterprise and mission cyber resiliency techniques. He earned a Ph.D. in computer science from UMBC in 2010 working with Dr. Alan Sherman.
Host: Alan T. Sherman. Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly on Fridays. All meetings are open to the public. Upcoming CDL Meetings:
©2020 University of Maryland Baltimore County Computer Science and Electrical Engineering Department