The UMBC Cyber Defense Lab presents
Ransomware is crippling industry and government alike. Paying the ransom doesn’t guarantee you’ll get your files back, but it funds the criminals who will continue on. Restoring from traditional network backups takes time, and never gets you back to the system you had before the attack. In response, we have developed a resilient, local malware restore and recovery capability, capable of quickly restoring OS images onto “bare metal” after an attack or misconfiguration, useful for many applications.
I will discuss the technical details, including a description of the Opal hard drive specification, the Trusted Computing Group’s Trusted Platform Module (TPM), and how we secure secrets needed for WUBU – Wake-Up-Back-Up. I’ll talk through some of the open-source technologies that we used to build our solution. WebEx willing, I will give a live demonstration of a ShinoLocker ransomware infection, followed by an “as if nothing ever happened” recovery that takes only ten minutes.
Russ Fink is a senior staff member at the Johns Hopkins University / Applied Physics Laboratory. His research interests include computational private information retrieval, trusted computing applications, applied cryptography, and enterprise and mission cyber resiliency techniques. He earned a Ph.D. in computer science from UMBC in 2010 working with Dr. Alan Sherman. email: *protected email*
Host: Alan T. Sherman, *protected email*. Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public. Upcoming CDL Meetings:
This site uses functional cookies and external scripts to improve your experience.
Privacy Settings and Information
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. Your choices will not impact your visit.
NOTE: Third-party Google scripts on this website may have access to cross-site third-party cookies under the google.com domain. We, the CSEE Department, do not access, read, or write these third-party cookies, and as a result, we do not control their presence on your browser. You may block them by using a third-party cookie blocker in your browser.
If you click Accept below to accept the general cookie consent, then a “wpgdprc-consent” cookie will be stored on your browser, to record your general consent.
If you click Accept below to accept the general cookie consent, and also have Google Analytics cookies enabled (on the sidebar to the left), the CSEE Department website will store and access Google Analytics cookies on your browser. We use the data from these cookies to collect information on website usage statistics and improve user experience. If you do not wish to allow Google Analytics cookies on your browser, then either do not click Accept on the bottom bar, or disable Google Analytics on the left.
If you log in to this website, then several Wordpress cookies and session variables will be stored on your browser. Accessing the login screen constitutes your consent to have Wordpress cookies and session variables stored on your computer.
The CSEE Department website makes use of several external scripts to improve user experience. These include, but are not necessarily limited to: Google Calendar, Google Analytics, and ReCAPTCHA. If you choose to use this website, then you agree to allow these scripts to be loaded and executed.
NOTE: These settings will only apply to the browser and device you are currently using.
Enables Google Analytics.
©2023 University of Maryland Baltimore County Computer Science and Electrical Engineering Department
1000 Hilltop Circle, ITE 325, Baltimore, Maryland 21250
College of Engineering and Information Technology
| Contact Us
| Equal Opportunity
| Consumer Information