Abstract:The demand for data protection measures against unauthorized changes or deletions is steadily increasing. These measures are essential for maintaining the integrity and accessibility of data, effectively guarding against threats like ransomware attacks that focus on encrypting large volumes of stored data, as well as insider threats that involve tampering with or erasing system and access logs. Such protection measures have become crucial in today's landscape, and hardware-based solutions like Write-Once Read-Many (WORM) storage devices, have been put forth as viable options, which however impose hardware-level investments, and the impossibility to reuse the blocks of the storage devices after they have been written. In this article we propose VaultFS, a Linux-suited file system oriented to the maintenance of cold-data, namely data that are written using a common file system interface, are kept accessible, but are not modifiable, even by threads running with (effective)root-id. Essentially, these files are supported via the write-once semantic, and cannot be subject to the rewriting (or deletion) of their content up to the end of their (potentially infinite) protection life time. Hence they cannot be subject to ransomware attacks even under privilege escalation. This takes place with no need for any underlying WORM device -- since ValutFS is a pure software solution working with common read/write devices (e.g., hard disks and SSD). Also, VaultFS offers the possibility to protect the storage against Denial-of-Service (DOS) attacks, possibly caused by un-trusted applications that simply write on the file system to make its device blocks busy with non-removable content.
What problem does this paper attempt to address?
The main problem that this paper attempts to solve is data protection, especially preventing unauthorized data alteration or deletion in response to security challenges such as ransomware attacks and insider threats. Specifically:
- **Preventing ransomware attacks**: Modern ransomware encrypts a large amount of stored data, making the data inaccessible unless a ransom is paid to obtain the decryption key. VaultFS ensures that files cannot be modified or deleted once written by providing write - once semantics, thus effectively preventing ransomware attacks, even in the case of privilege escalation.
- **Maintaining the security and integrity of cold data**: Cold data refers to data that does not need to be modified once written, such as surveillance videos, financial records, court trial records, etc. These data are crucial for compliance and audit requirements, and any unauthorized alteration or deletion may bring serious consequences. VaultFS ensures that these cold data are unmodifiable after being written while maintaining their accessibility.
- **No need for dedicated hardware support**: Traditional anti - tampering measures usually rely on Write - Once Read - Many (WORM) devices, such as CD - R, DVD - R, etc. These devices are costly and cannot be reused after use. VaultFS, as a pure software solution, can achieve similar functions on common read - write devices (such as hard disks and SSDs), reducing deployment and maintenance costs.
- **Preventing Denial - of - Service (DoS) attacks**: VaultFS also provides mechanisms to prevent malicious applications from occupying storage space by continuously writing useless files, thus causing the storage device to fail to work normally. This further enhances the system's security.
In summary, this paper proposes a file system named VaultFS, aiming to provide efficient, low - cost and secure protection for cold data through write - once semantics and pure - software implementation, especially suitable for preventing ransomware and other data tampering threats.