Data Recovery from Malicious Attacks
Descriptions:
Various attacks (e.g., APT attacks, malware, ransomware) may penetrate networks and systems. They may eventually cause damage to mission-critical data, and significantly affect daily operations of organizations, enterprises, federal agencies as well as military departments. The goal of this project is to design novel techniques to efficiently detect and identify malicious attacks, eliminate attacks, and restore system being hacked to a good previous state. Our major tasks are:
1) Attacks/malware detection and identification. This task aims to detect malicious attacks timely. In addition, the nature of attacks should be identified and reported.
2) Attacks/malware elimination. This task aims to completely eliminate attacks/malware from the affected system.
3) System restoration. This task aims to enable fast restoration of both external storage and memory.
Projects:
Hardware-assisted Self-repairing in Decentralized Cloud Storage against Malicious Attacks (PI: Bo Chen, co-PI: Zhenlin Wang, Supported by US National Science Foundation under Grant No. 2225424, Oct 2022 - Sept 2025).
Enabling Secure Data Recovery for Mobile Devices against Malicious Attacks (PI: Bo Chen, Supported by US National Science Foundation under Grant No. 1938130, Oct 2019 - Sept 2022).
Mitigating Ransomware Attacks by Leveraging Isolation Techniques (PI: Bo Chen, Supported by FedEx Institute of Technology at the University of Memphis, Jan 2017 - Dec 2017).
Publications:
[Cybersecurity '24] Josh Dafoe, Niusen Chen, Bo Chen, and Zhenlin Wang. Enabling Per-file Data Recovery from Ransomware Attacks via File System Forensics and Flash Translation Layer Data Extraction. Cybersecurity, 2024.
[SmartSP '24] Josh Dafoe, Job Siy, Niusen Chen, and Bo Chen. Hardware-assisted Runtime In-vehicle ECU Firmware Self-attestation and Self-repair. 2024 EAI International Conference on Security and Privacy in Cyber-Physical Systems and Smart Vehicles (SmartSP '24), New Orleans, LA, November 2024 (
Best Paper Award).
[JCP '24] Caleb Rother, and Bo Chen. Reversing File Access Control Using Disk Forensics on Low-Level Flash Memory. J. Cybersecur. Priv. 2024, 4(4), 805-822; https://doi.org/10.3390/jcp4040038.
[SmartSP '23] Josh Dafoe, Harsh Singh, Niusen Chen, and Bo Chen.
Enabling Real-Time Restoration of Compromised ECU Firmware in Connected and Autonomous Vehicles. 2023 EAI International Conference on Security and Privacy in Cyber-Physical Systems and Smart Vehicles (SmartSP '23), Chicago, IL, October 2023.
[S&P '23] Caleb Rother, and Bo Chen.
Poster: Your Access Control List Is Recoverable Even if Your OS Is Compromised. 2023 IEEE Symposium on Security and Privacy (S&P '23) Poster Session, San Francisco, CA, May 2023.
[CCS '22] Niusen Chen, Josh Dafoe, and Bo Chen.
Poster: Data Recovery from Ransomware Attacks via File System Forensics and Flash Translation Layer Data Extraction. 2022 ACM Conference on Computer and Communications Security (CCS '22) Poster Session, Los Angeles, CA, November 2022.
[SecureComm '22] Wen Xie, Niusen Chen, and Bo Chen. Enabling Accurate Data Recovery for Mobile Devices against Malware Attacks. 18th EAI International Conference on Security and Privacy in Communication Networks (SecureComm '22), Kansas City, Missouri, October 2022.
[JCP '22] Niusen Chen, and Bo Chen. Defending against OS-level Malware in Mobile Devices via Real-time Malware Detection and Storage Restoration. Journal of Cybersecurity and Privacy 2, no. 2 (2022): 311-328.
[SCI '21] Niusen Chen, Wen Xie, and Bo Chen. Combating the OS-level Malware in Mobile Devices by Leveraging Isolation and Steganography. The Second ACNS Workshop on Secure Cryptographic Implementation (SCI '21)(in conjunction with ACNS '21), Kamakura, Japan, June 2021.
[S&P '20] Wen Xie, Niusen Chen, and Bo Chen. Incorporating Malware Detection into The Flash Translation Layer. 2020 IEEE Symposium on Security and Privacy (S&P '20) Poster Session, San Francisco (online), CA, May 2020.
[CODASPY '19] Peiying Wang, Shijie Jia, Bo Chen, Luning Xia and Peng Liu. MimosaFTL: Adding Secure and Practical Ransomware Defense Strategy to Flash Translation Layer. The Ninth ACM Conference on Data and Application Security and Privacy (CODASPY '19), Dallas, TX, USA, March 2019 (Acceptance rate: 23.5%).
[ACSAC ’17] Le Guan, Shijie Jia, Bo Chen, Fengwei Zhang, Bo Luo, Jingqiang Lin, Peng Liu, Xinyu Xing, and Luning Xia. Supporting Transparent Snapshot for Bare-metal Malware Analysis on Mobile Devices. 2017 Annual Computer Security Applications Conference (ACSAC ’17), Orlando, Florida, USA, December 2017 (Acceptance rate: 19.7%) (
Distinguished Paper Award)
[SSCI ’17] Kul Prasad Subedi, Daya Ram Budhathoki, Bo Chen, and Dipankar Dasgupta. RDS3: Ransomware Defense Strategy by Using Stealthily Spare Space. The 2017 IEEE Symposium Series on Computational Intelligence (SSCI ’17), Hawaii, USA, Nov. 27 - Dec. 1, 2017.
[JoCS ’17] Bo Chen and Reza Curtmola. Remote Data Integrity Checking with Server-Side Repair. Journal of Computer Security, vol. 25, no. 6, pp. 537-584, 2017
[Elsevier Book ’17] Bo Chen, Reza Curtmola, and Jun Dai. Auditable Version Control Systems in Untrusted Public Clouds. Book Chapter, in Software Architectures for Cloud and Big Data, Ivan Mistrik, Rami Bahsoon, Nour Ali, Maritta Heisel, Bruce Maxim (eds.), Elsevier - Morgan Kaufmann, June 2017
[CRC Book ’16] Reza Curtmola and Bo Chen. Availability, Recovery and Auditing Across Data Centers. Book Chapter, in Cloud Computing Security: Foundations and Challenges, John Vacca (editor), CRC Press, August 2016
[CRC Book ’16] Reza Curtmola and Bo Chen. Integrity Assurance for Data Outsourcing. Book Chapter, in Cloud Computing Security: Foundations and Challenges, John Vacca (editor), CRC Press, August 2016
[CODASPY ’15] Bo Chen, Anil Kumar Ammula, and Reza Curtmola. Towards Server-side Repair for Erasure Coding-based Distributed Storage Systems. The Fifth ACM Conference on Data and Application Security and Privacy (CODASPY ’15), San Antonio, TX, USA, March 2015
[NDSS ’14] Bo Chen and Reza Curtmola. Auditable Version Control Systems. The 21th Annual Network and Distributed System Security Symposium (NDSS ’14), San Diego, CA, USA, Feb. 2014 (Acceptance rate: 18.6%)
[CODASPY ’13] Bo Chen and Reza Curtmola. Towards Self-Repairing Replication-Based Storage Systems Using Untrusted Clouds. The Third ACM Conference on Data and Application Security and Privacy (CODASPY ’13), San Antonio, TX, USA, Feb. 2013 (Acceptance rate: 22.4%) (
Outstanding Paper Award)
[SPCC ’12] Bo Chen and Reza Curtmola. Robust Dynamic Provable Data Possession. The Third International Workshop on Security and Privacy in Cloud Computing (SPCC ’12, in conjunction with ICDCS ’12), Macau, China, June 2012
[CCSW ’10] Bo Chen, Reza Curtmola, Giuseppe Ateniese, and Randal Burns. Remote Data Checking for Network Coding-based Distributed Storage Systems. The Second ACM Cloud Computing Security Workshop (CCSW ’10, in conjunction with CCS ’10), Chicago, IL, USA, October 2010