TRUSTED WRITE PROTECTION AGAINST RANSOMWARE ATTACKS USING A DYNAMIC ROOT OF TRUST MEASUREMENT (DRTM)
INUKSHUK™ protects user data against most advanced ransomware attacks without using an online backup system or requiring any new hardware changes; INUKSHUK uses off-the-shelf hardware.
The main challenges in cybersecurity against ransomware attacks:
- Growing evolution of ransomware, motivated by direct monetization.
- Current products fail against rootkit ransomware attacks.
- Root-privileged ransomware can defeat user-privileged and root-privileged defenses.
- New emerging ransomware is always one step ahead.
- Most detection-based mechanisms are often too late to protect user data.
New cybersecurity strategy at the hardware level
- Inukshuk™: off with defenses, on with immunization.
- Hardware-enforced write-protection
- Even ransomware with the highest software privilege cannot modify user data.
- Uses a dynamic root of trust measurement (DRTM) for write protection.
- User data is only appended; modifications and deletions are versioned, and the data is immune to ransomware’s encryption.
- A patent-pending technology developed by Prof. Mohammad Mannan and Lyaning Zhao at Concordia University.
Trusted write protection demonstrates effective cybersecurity protection advantages
- Offers user data immunization against all viruses and malware, including ransomware.
- Cost-effective
- Uses a commercial off-the-shelf self-encrypting drive (SED).
- DRTM makes Inukshuk™ independent of most computer firmware, such as UEFI/BIOS.
- No access overhead for data in use; synchronizes only in batches at idle time.
- Can be implemented on common platforms: Windows, Linux, Apple OS…
Business opportunity in Cybersecurity
- Technology available for licensing.
- Co-development for specific platform implementation.
Mohammad Mannan & Lyaning Zhao
Professor and NSERC/Hydro-Québec Senior Industrial Research Chair
Prof. Mannan is a professor at the Concordia Institute for Information Systems Engineering. His research interests are anti-surveillance tools, authentication, mobile platform security, trusted computing, privacy, usable security, email and social networking, malicious software, OS/hypervisor security, identity fraud, phishing, and online banking and PIN security.