CloudSec
Hardware-assisted Self-repairing in Decentralized Cloud Storage against Malicious Attacks
Project Descriptions:
A decentralized cloud storage system eliminates the need for dedicated computing infrastructure by allowing peers with spare storage space to join the network and provide storage services. Compared to a conventional centralized cloud storage system, it can bring significant benefits, including cheaper storage cost, better fault tolerance, greater scalability, and more efficient data storing and retrieval. Despite these benefits, the decentralized cloud storage system also raises significant security concerns: storage peers are more likely to misbehave because they are hosted by individual users who are less reputable and less skillful in security. This project thus takes an essential step towards protecting the long-term integrity of the critical data outsourced to the emerging decentralized cloud. The project's novelties are 1) enabling a new self-repair concept in the decentralized cloud and 2) developing a hardware-assisted secure decentralized cloud storage system supporting the self-repair. The project's broader significance and importance include protecting critical digital assets outsourced to the untrusted cloud, training graduate students, and reaching out to underrepresented minority students.
The project aims to develop the first hardware-assisted self-repairing decentralized cloud storage system against malicious attacks. It resolves a fundamental conflict between the requirement of a long-term integrity guarantee and the lack of trust in a decentralized setting, by leveraging the trusted execution environment (TEE) and the flash translation layer (FTL). Specifically, the following research tasks are conducted: 1) enabling secure self-repair in each storage peer through collaboration between the TEE and the FTL; 2) enabling secure self-repair across multiple untrusted storage peers by leveraging the TEE; and 3) building a fully functioning secure decentralized cloud storage system with self-repair support.
Members:
Bo Chen (PI)
Zhenlin Wang (co-PI)
Caleb Rother (PhD student)
Niusen Chen (PhD student, graduated in Fall 2023 with a PhD degree; will join the University of Wisconsin-La Crosse as a tenure-track assistant professor)
Josh Dafoe (REU student)
Job Siy (REU student)
Alyssa Van Gorkom (REU student, Fall 2023)
Publications:
[2023] Josh Dafoe, Harsh Singh, Niusen Chen, and Bo Chen. Enabling Real-Time Restoration of Compromised ECU Firmware in Connected and Autonomous Vehicles. 2023 EAI International Conference on Security and Privacy in Cyber-Physical Systems and Smart Vehicles (SmartSP '23), Chicago, IL, October 2023.
[2023] Josh Dafoe, Niusen Chen, and Bo Chen. Poster: A Self-auditing Protocol for Decentralized Cloud Storage via Trusted Hardware Components. 2023 IEEE Symposium on Security and Privacy (S&P '23), San Francisco, CA, May 2023 (extended abstract).
[2023] Caleb Rother and Bo Chen. Poster: Your Access Control List Is Recoverable Even if Your OS Is Compromised. 2023 IEEE Symposium on Security and Privacy (S&P '23), San Francisco, CA, May 2023 (extended abstract).
[2017] Bo Chen and Reza Curtmola. Remote Data Integrity Checking with Server-Side Repair. Journal of Computer Security, vol. 25, no. 6, pp. 537-584, 2017.
[2015] Bo Chen, Anil Kumar Ammula, and Reza Curtmola. Towards Server-side Repair for Erasure Coding-based Distributed Storage Systems. The Fifth ACM Conference on Data and Application Security and Privacy (CODASPY ’15), San Antonio, TX, USA, March 2015.
[2013] Bo Chen and Reza Curtmola. Towards Self-Repairing Replication-Based Storage Systems Using Untrusted Clouds. The Third ACM Conference on Data and Application Security and Privacy (CODASPY ’13), San Antonio, TX, USA, Feb. 2013 (Acceptance rate: 22.4%) (Outstanding Paper Award).
Presentations:
[2024] Josh Dafoe. A Self-auditing Protocol for Decentralized Cloud Storage via Trusted Hardware Components. Michigan Technological University 2024 Undergraduate Research & Scholarship Symposium, Houghton, MI, March 2024.
[2024] Caleb Rother. Your Access Control Data Is Recoverable Even If Your OS Is Compromised. MTU Cybersecurity Colloquium, Houghton, MI, March 2024.
[2023] Niusen Chen. Enabling Real-Time Restoration of Compromised ECU Firmware in Connected and Autonomous Vehicles. 2023 EAI International Conference on Security and Privacy in Cyber-Physical Systems and Smart Vehicles (SmartSP '23), Chicago, IL, October 2023.
[2023] Caleb Rother. Poster: Your Access Control List Is Recoverable Even if Your OS Is Compromised. Showcase [AI] Poster Session, Houghton, MI, October 2023.
[2023] Josh Dafoe. Poster: A Self-auditing Protocol for Decentralized Cloud Storage via Trusted Hardware Components. Showcase [AI] Poster Session, Houghton, MI, October 2023.
[2023] Josh Dafoe. Ransomware Defense via File System Forensics and Flash Data Extraction. 2023 Flash Memory Summit, Santa Clara, CA, August 2023.
[2023] Bo Chen. Poster: Your Access Control List Is Recoverable Even if Your OS Is Compromised. 2023 IEEE Symposium on Security and Privacy (S&P '23) Poster Session, San Francisco, CA, May 2023.
[2023] Bo Chen. Poster: A Self-auditing Protocol for Decentralized Cloud Storage via Trusted Hardware Components. 2023 IEEE Symposium on Security and Privacy (S&P '23) Poster Session, San Francisco, CA, May 2023, March 2023.
[2023] Caleb Rother. Storj: A Peer-to-Peer Cloud Storage Network. MTU CS Cybersecurity Reading Group, March 2023.
Education:
[2023] The project was integrated into the Cybersecurity Track of the 2023 MTU Women in Computer Science Summer Youth Programs, in which we taught female students from local high schools to program the flash translation layer (FTL) to incorporate security features (slide).
[2023] The project was integrated into CS5740/4740 (Development of Trusted Software) during Spring 2023 as a special topic on data security (slide).
[2023] The project was integrated into CS5472 (Advanced Topics in Computer Security) during Spring 2023 as advanced topics on cloud computing security and secure hardware (slide1, slide2, slide3).
Other educational activities
Outreach:
Outreach activities
CyberCorps®: Scholarship for Service (SFS) Program at Michigan Tech
Funding:
This material is based upon work supported by the National Science Foundation under Grant Number 2225424: "SaTC: CORE: Small: Hardware-assisted Self-repairing in Decentralized Cloud Storage against Malicious Attacks", 10/2022-09/2025. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.
© 2023    Security and Privacy (SnP) Lab @ Michigan Technological University