Accelerating Ransomware Defenses with Computational Storage Drive-Based API Call Sequence Classification

Document Type

Conference Proceeding

Publication Date

8-13-2024

Abstract

The rapid increase in data volume has introduced a range of problems for data centers, notably increasing their operational demands and pushing their capabilities to efficiently manage, store, and process information. Further, such large volumes of data intensify the difficulty of implementing effective and efficient ransomware detection strategies. To reduce the load on data centers' CPUs for maintaining an effective ransomware defense, and to support real-time detection, mitigation, and remediation, we introduce a method that shifts an entire Long Short-Term Memory (LSTM) classification process to Computational Storage Drives (CSDs), thus freeing the CPU for other tasks within the data center. Moreover, offloading a prompt ransomware defense directly to the CSD enables the data targeted by the ransomware to be effectively shielded from encryption attempts. We simulate our approach using the Vitis Software Platform Development Environment and show that our method performs markedly faster than traditional classification schemes on high-performance CPUs and GPUs. Furthermore, we demonstrate that our approach accurately identifies ransomware, thereby providing precise and reliable real-time detection, mitigation, and remediation capabilities.

Publication Source (Journal or Book title)

ACM International Conference Proceeding Series

First Page

8

Last Page

16

This document is currently not available here.
