Algorithms, Available technologies, Information and communications technology (ICT)

TRUSTED WRITE PROTECTION AGAINST RANSOMWARE ATTACKS USING A DYNAMIC ROOT OF TRUST MEASUREMENT (DRTM)

INUKSHUKTM protects user data against most advanced ransomware attacks, without using an online backup system or requiring any new hardware changes, INUKSHUK uses off-the-shelf hardware.

The main challenges in cybersecurity against ransomware attacks:

  • Growing evolution of ransomware, motivated by direct monetization.
  • Current products fail against rootkit ransomware attacks
  • Root-privileged ransomware can defeat user-privileged and root-privileged defenses.
  • New emerging ransomware is always one step ahead.
  • Most of detection-based mechanisms are often too late in protecting user data.

New cybersecurity strategy at the level of primitive material (hardware)

  • InukshukTM is Off with defenses, On with immunization.
  • Hardware-enforced write-protection
  • Even ransomware with highest software privilege cannot modify user data.
  • Use a dynamic root of trust measurement (DRTM) for write protection.
  • User data is only appended, and modification and deletion are versioned, and is immune to ransomware’s encryption.
  • A patent pending technology developed by prof. Mohammad Mannan and Lyaning Zhao at Concordia University.

Trusted write protection demonstrate effective cybersecurity protection advantages

  • Offer user data immunization against all virus and malware, including ransomware.
  • Cost effective
  • Uses commercial off the shelf Self Encrypted Drive (SED).
  • DRTM makes InukshukTM independent of most computer firmware, such as UEFI/BIOS.
  • No access overhead for data in use, only synchronizes in batch at idle time.
  • Can be implemented on common platforms: Windows, Linux, Apple OS…

Business opportunity in Cybersecurity

  • Technology available for licensing.
  • Co-development for specific platform implementation.

CONTACT

If you are interested by this technology, please contact :
Duc LeVan, Director Business Development
dlevan@aligo.ca, (514) 840-1226, Ext. 3003

UNIVERSITY

Concordia University

Main inventors

Mohammad Mannan & Lyaning Zhao

Prof. Mannan’s photo, he is an associate professor in Concordia Institute for Information Systems Engineering

Pragasen Pillay
Professor and NSERC/Hydro-Québec Senior Industrial Research Chair

Prof. Mannan is a professor in Concordia Institute for Information Systems Engineering. His Research interests are Anti-surveillance tools, authentication, mobile platform security, trusted computing, privacy, usable security, email and social networking, malicious software, OS/hypervisor security, identity fraud, phishing, and online banking and PIN security.