College of Computing student Caleb Rother will present his Final Oral Examination (thesis defense) for his Master of Science in Computer Science (MS Thesis Defense), and his Research Qualifying Evaluation (RQE) for his PhD in Computer Science, on Wednesday, July 10, 2024, at 11 am in Rekhi 214 and via Zoom online meeting.
The title of Rother’s talk is, “Recovering Access Control via Disk Forensics on Low-Level Flash Memory.”
Talk Abstract
In the history of access control, nearly every system designed has relied on the operating system (OS) to enforce the access control protocols. However, if the OS (and specifically root access) is compromised, there are few if any solutions that can get users back into their system efficiently. In this work, we have proposed a novel approach that allows secure and efficient rollback of file access control after an adversary compromises the OS and corrupts the access control metadata. Our key observation is that the underlying flash memory typically performs out-of-place updates. Taking advantage of this unique feature, we can extract the “stale data” specific for OS access control, by performing low-level disk forensics over the raw flash memory. This allows efficiently rolling back the OS access control to a state pre-dating the compromise. To justify the feasibility of the proposed approach, we have implemented it in a computing device using file system EXT2/EXT3 and open-sourced flash memory firmware OpenNFM. We also evaluated the potential impact of our design on the original system. Experimental results indicate that the performance of the affected drive is not significantly impacted.