research-article

Project Almanac: A Time-Traveling Solid-State Drive

Authors:

Chance C. Coats,

Jian HuangAuthors Info & Claims

EuroSys '19: Proceedings of the Fourteenth EuroSys Conference 2019

Article No.: 13, Pages 1 - 16

https://doi.org/10.1145/3302424.3303983

Published: 25 March 2019 Publication History

Abstract

Preserving the history of storage states is critical to ensuring system reliability and security. It facilitates system functions such as debugging, data recovery, and forensics. Existing software-based approaches like data journaling, logging, and backups not only introduce performance and storage cost, but also are vulnerable to malware attacks, as adversaries can obtain kernel privileges to terminate or destroy them.

In this paper, we present Project Almanac, which includes (1) a time-travel solid-state drive (SSD) named TimeSSD that retains a history of storage states in hardware for a window of time, and (2) a toolkit named TimeKits that provides storage-state query and rollback functions. TimeSSD tracks the history of storage states in the hardware device, without relying on explicit backups, by exploiting the property that the flash retains old copies of data when they are updated or deleted. We implement TimeSSD with a programmable SSD and develop TimeKits for several typical system applications. Experiments, with a variety of real-world case studies, demonstrate that TimeSSD can retain all the storage states for eight weeks, with negligible performance overhead, while providing the device-level time-travel property.

References

[1]

Ahmed Abulila, Vikram Sharma Mailthody, Zaid Quresh, Jian Huang, Nam Sung Kim, Jinjun Xiong, and Wen-Mei Hwu. 2019. FlatFlash: Exploiting the Byte-Accessibility of SSDs within A Unified Memory-Storage Hierarchy. In Proceedings of the 24th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS'19). Providence, RI.

Digital Library

[2]

SungHa Baek, Youngdon Jung, Aziz Mohaisen, Sungjin Lee, and Dae-Hun Nyang. 2018. SSD-Insider: Internal Defense of Solid-State Drive against Ransomware with Perfect Data Recovery. In Proceedings of 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS'18). Vienna, Austria.

[3]

Ann Chervenak, Vivekenand Vellanki, and Zachary Kurmas. 1998. Protecting file systems: A survey of backup techniques. In Proceedings of Joint NASA and IEEE Mass Storage Conference.

[4]

Hyun Jin Choi, Seung-Ho Lim, and Kyu Ho Park. 2009. JFTL: A Flash Translation Layer Based on a Journal Remapping for Flash Memory. ACM Transaction on Storage 4, 4 (Feb. 2009), 14:1--14:22.

Digital Library

[5]

Victor Costan, Ilia Lebedev, and Srinivas Devadas. 2016. Sanctum: Minimal Hardware Extensions for Strong Software Isolation. In Proceedings of 25th USENIX Security Symposium (USENIX Security'16). Austin, TX.

Digital Library

[6]

David Devecsery, Michael Chow, Xianzheng Dou, Jason Flinn, and Peter M. Chen. 2014. Eidetic Systems. In Proceedings of the 11th USENIX Conference on Operating Systems Design and Implementation (OSDI'14) (OSDI'14). Broomfield, CO.

Digital Library

[7]

Dropbox. 2019. https://www.dropbox.com/?landing=dbv2.

[8]

G. Duzy. 2005. Match snaps to apps. In Storage, Special Issue on managing the information that drives the enterprise.

[9]

FIU Traces. 2010. http://iotta.snia.org/traces/390.

[10]

Aayush Gupta, Youngjae Kim, and Bhuvan Urgaonkar. 2009. DFTL: a flash translation layer employing demand-based selective caching of page-level address mappings. In Proceedings of the 14th International Conference on Architectural Support for Programming Languages and Operating System (ASPLOS'09). Washington, DC.

Digital Library

[11]

Ryan Harris. 2006. Arriving at an Anti-forensics Consensus: Examining How to Define and Control the Anti-forensics Problem. In Proceedings of the Digital Forensic Research Conference (DFRWS'06). Lafayette, IN.

Digital Library

[12]

Jian Huang, Anirudh Badam, Laura Caulfield, Suman Nath, Sudipta Sengupta, Bikash Sharma, and Moinuddin K. Qureshi. 2017. FlashBlox: Achieving Both Performance Isolation and Uniform Lifetime for Virtualized SSDs. In Proceedings of the 15th USENIX Conference on File and Storage Technologies (FAST'17). Santa Clara, CA.

Digital Library

[13]

Jian Huang, Anirudh Badam, Moinuddin K. Qureshi, and Karsten Schwan. 2015. Unified Address Translation for Memory-mapped SSDs with FlashMap. In Proceedings of the 42nd Annual International Symposium on Computer Architecture (ISCA '15). Portland, OR.

Digital Library

[14]

Jian Huang, Jun Xu, Xinyu Xing, Peng Liu, and Moinuddin K. Qureshi. 2017. FlashGuard: Leveraging Intrinsic Flash Properties to Defend Against Encryption Ransomware. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS'17) (CCS'17). Dallas, TX.

Digital Library

[15]

Ping Huang, Ke Zhou, Hua Wang, and Chun Hua Li. 2012. BVSSD: Build Built-in Versioning Flash-Based Solid State Drives. In Proceedings of 5th Annual International Systems and Storage Conference (SYSTOR'12). Haifa, Israel.

Digital Library

[16]

IOzone Lab. 2016. http://www.iozone.org/.

[17]

Jeffrey Katcher. 1997. PostMark: A New File System Benchmark. Technical Report (1997).

[18]

Swaroop Kavalanekar, Bruce Worthington, Qi Zhang, and Vishal Sharda. 2008. Characterization of storage workload traces from production Windows Servers. In Proceedings of IEEE International Symposium on Workload Characterization (IISWC'08). 119--128.

[19]

Amin Kharaz, Sajjad Arshad, Collin Mulliner, William Robertson, and Engin Kirda. 2016. UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware. In 25th USENIX Security Symposium (USENIX Security 16). Austin, TX.

Digital Library

[20]

Changman Lee, Dongho Sim, Joo-Young Hwang, and Sangyeun Cho. 2015. F2FS: A New File System for Flash Storage. In Proceedings of 13th USENIX Conference on File and Storage Technologies (FAST'15). Santa Clara, CA.

Digital Library

[21]

Jaeheung Lee, Sangho Yi, Junyoung Heo, Hyungbae Park, Sung Y. Shin, and Yookun Cho. 2010. An Efficient Secure Deletion Scheme for Flash File Systems. Journal of Information Science and Engineering 26, 1 (2010).

[22]

Sungjin Lee and Jihong Kim. 2014. Improving Performance and Capacity of Flash Storage Devices by Exploiting Heterogeneity of MLC Flash Memory. IEEE Trans. Comput. 63, 10 (2014), 2445--2458.

Digital Library

[23]

LibLZF. 2008. http://oldhome.schmorp.de/marc/liblzf.html.

[24]

C. B. Morrey and D. Grunwald. 2003. Peabody: the time travelling disk. In Proceedings of the 20th IEEE/11th NASA Goddard Conference on Mass Storage Systems and Technologies (MSST'03). 241--253.

Digital Library

[25]

MSR Cambridge Traces. 2008. http://iotta.snia.org/traces/388.

[26]

Kiran-Kumar Muniswamy-Reddy, Charles P. Wright, Andrew Himmer, and Erez Zadok. 2004. A Versatile and User-oriented Versioning File System. In Proceedings of the 3rd USENIX Conference on File and Storage Technologies (FAST'04) (FAST'04). San Francisco, CA.

Digital Library

[27]

Open-Source Solid-State Drive Project for Research and Education. 2017. http://www.openssd.io/.

[28]

Zachary Peterson and Randal Burns. 2005. Ext3Cow: A Time-shifting File System for Regulatory Compliance. ACM Transaction on Storage 1, 2 (May 2005), 190--212.

Digital Library

[29]

Vijayan Prabhakaran, Andrea C Arpaci-Dusseau, and Remzi H Arpaci-Dusseau. 2005. Analysis and Evolution of Journaling File Systems. In USENIX Annual Technical Conference (USENIX ATC '05). Anaheim, CA.

Digital Library

[30]

Vijayan Prabhakaran, Thomas L. Rodeheffer, and Lidong Zhou. 2008. Transactional Flash. In Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation (OSDI'08) (OSDI'08). San Diego, CA.

Digital Library

[31]

Price Trends of SSDs and HDDs. 2018. https://pcpartpicker.com/trends/price/internal-hard-drive/.

[32]

Sriram Raghavan. 2013. Digital forensic research: current state of the art. CSI Transactions on ICT (2013).

[33]

Samsung. 2013. Samsung SSD 840 EVO Data Sheet. White Paper (2013).

[34]

Nolen Scaife, Henry Carter, Patrick Traynor, and Kevin RB Butler. 2016. Cryptolock (and drop it): stopping ransomware attacks on user data. In Distributed Computing Systems (ICDCS), 2016 IEEE 36th International Conference on. IEEE, 303--312.

[35]

Kai Shen, Stan Park, and Men Zhu. 2014. Journaling of Journal Is (Almost) Free. In Proceedings of the 12th USENIX Conference on File and Storage Technologies (FAST'14). Santa Clara, CA.

Digital Library

[36]

Shore-MT. 2014. https://sites.google.com/view/shore-mt/.

[37]

SSD prices plummet again, Close in on HDDs. 2016. http://www.pcworld.com/article/3040591/storage/ssd-prices-plummet-again-close-in-on-hdds.html.

[38]

John D. Strunk, Garth R. Goodson, Michael L. Scheinholtz, Craig A. N. Soules, and Gregory R. Ganger. 2000. Self-securing Storage: Protecting Data in Compromised System. In Proceedings of the 4th USENIX Conference on Symposium on Operating System Design & Implementation (OSDI'00) (OSDI'00). San Diego, CA.

Digital Library

[39]

Sriram Subramanian, Swaminathan Sundararaman, Nisha Talagala, Andrea C. Arpaci-Dusseau, and Remzi H. Arpaci-Dusseau. 2014. Snapshots in a flash with ioSnap. In Proceedings of the European Conference on Computer Systems (EuroSys'14). Amsterdam, Netherlands.

Digital Library

[40]

Ken Takeuchi. 2008. Solid-state Drive and Memory System Innovation. Lecture (2008).

[41]

The best cheap SSD deals in May 2018. 2018. https://www.techradar.com/news/cheap-ssd-deals.

[42]

Michael Virable, Stefan Savage, and Geoffrey M. Voelker. 2012. BlueSky: A Cloud-Backed File System for the Enterprise. In Proc. 10th USENIX conference on File and Storage Technologies (FAST'12). San Jose, CA.

Digital Library

[43]

WannaCry Ransomware Attack. 2017. https://en.wikipedia.org/wiki/WannaCry_ransomware_attack.

[44]

Michael Yung Chung Wei, Laura M Grupp, Frederick E Spada, and Steven Swanson. 2011. Reliably Erasing Data from Flash-Based Solid State Drives. In Procceedings of 9th USENIX Conference on File and Storage Technologies (FAST'11). San Jose, CA.

Digital Library

[45]

Guanying Wu and Xubin He. 2012. Delta-FTL: Improving SSD Lifetime via Exploiting Content Locality. In Proceedings of the 7th ACM European Conference on Computer Systems (EuroSys'12). Bern, Switzerland.

Digital Library

[46]

Dongpeng Xu, Jiang Ming, and Dinghao Wu. 2017. Cryptographic Function Detection in Obfuscated Binaries via Bit-precise Symbolic Loop Mapping. In Proc. 38th IEEE Symposium on Security and Privacy (Oakland'17). San Jose, CA.

[47]

Jingpei Yang, Ned Plasson, Greg Gillis, Nisha Talagala, and Swaminathan Sundararaman. 2014. Don't Stack Your Log On My Log. In 2nd Workshop on Interactions of NVM/Flash with Operating Systems and Workloads (INFLOW'14). Broomfield, CO.

[48]

Qing Yang and Jin Ren. 2011. I-CASH: Intelligently Coupled Array of SSD and HDD. In Proceedings of the 2011 IEEE 17th International Symposium on High Performance Computer Architecture (HPCA'11).

Digital Library

[49]

Qing Yang, Weijun Xiao, and Jin Ren. 2006. TRAP-Array: A Disk Array Architecture Providing Timely Recovery to Any Point-in-time. In Proceedings of the 33rd International Symposium on Computer Architecture (ISCA'06). 289--301.

Digital Library

Cited By

Ghiasi NSadrosadati MMustafa HGollwitzer AFirtina CEudine JMao HLindegger JCavlak MAlser MPark JMutlu O(2024)MegIS: High-Performance, Energy-Efficient, and Low-Cost Metagenomic Analysis with In-Storage Processing2024 ACM/IEEE 51st Annual International Symposium on Computer Architecture (ISCA)10.1109/ISCA59077.2024.00054(660-677)Online publication date: 29-Jun-2024
https://doi.org/10.1109/ISCA59077.2024.00054
Enomoto SKuzuno HYamada HShiraishi YMorii M(2024)Early mitigation of CPU-optimized ransomware using monitoring encryption instructionsInternational Journal of Information Security10.1007/s10207-024-00892-223:5(3393-3413)Online publication date: 30-Jul-2024
https://doi.org/10.1007/s10207-024-00892-2
Dafoe JSingh HChen NChen B(2024)Enabling Real-Time Restoration of Compromised ECU Firmware in Connected and Autonomous VehiclesSecurity and Privacy in Cyber-Physical Systems and Smart Vehicles10.1007/978-3-031-51630-6_2(15-33)Online publication date: 5-Feb-2024
https://doi.org/10.1007/978-3-031-51630-6_2
Show More Cited By

Index Terms

Project Almanac: A Time-Traveling Solid-State Drive

Recommendations

CosaFS: A Cooperative Shingle-Aware File System
Special Issue on MSST 2017 and Regular Papers

In this article, we design and implement a cooperative shingle-aware file system, called CosaFS, on heterogeneous storage devices that mix solid-state drives (SSDs) and shingled magnetic recording (SMR) technology to improve the overall performance of ...
Read-Performance Optimization for Deduplication-Based Storage Systems in the Cloud

Data deduplication has been demonstrated to be an effective technique in reducing the total data transferred over the network and the storage space in cloud backup, archiving, and primary storage systems, such as VM (virtual machine) platforms. However, ...
BetrFS: a compleat file system for commodity SSDs
EuroSys '22: Proceedings of the Seventeenth European Conference on Computer Systems

Despite the existence of file systems tailored for flash and over a decade of research into flash file systems, this paper shows that no single Linux file system performs consistently well on a commodity SSD across different workloads. We define a ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

EuroSys '19: Proceedings of the Fourteenth EuroSys Conference 2019

March 2019

714 pages

ISBN:9781450362818

DOI:10.1145/3302424

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGOPS: ACM Special Interest Group on Operating Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 March 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

EuroSys '19

Sponsor:

SIGOPS

EuroSys '19: Fourteenth EuroSys Conference 2019

March 25 - 28, 2019

Dresden, Germany

Acceptance Rates

Overall Acceptance Rate 241 of 1,308 submissions, 18%

Upcoming Conference

EuroSys '25

Sponsor:
sigops

Twentieth European Conference on Computer Systems

March 30 - April 3, 2025

Rotterdam , Netherlands

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

16
Total Citations
View Citations
661
Total Downloads

Downloads (Last 12 months)98
Downloads (Last 6 weeks)12

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Ghiasi NSadrosadati MMustafa HGollwitzer AFirtina CEudine JMao HLindegger JCavlak MAlser MPark JMutlu O(2024)MegIS: High-Performance, Energy-Efficient, and Low-Cost Metagenomic Analysis with In-Storage Processing2024 ACM/IEEE 51st Annual International Symposium on Computer Architecture (ISCA)10.1109/ISCA59077.2024.00054(660-677)Online publication date: 29-Jun-2024
https://doi.org/10.1109/ISCA59077.2024.00054
Enomoto SKuzuno HYamada HShiraishi YMorii M(2024)Early mitigation of CPU-optimized ransomware using monitoring encryption instructionsInternational Journal of Information Security10.1007/s10207-024-00892-223:5(3393-3413)Online publication date: 30-Jul-2024
https://doi.org/10.1007/s10207-024-00892-2
Dafoe JSingh HChen NChen B(2024)Enabling Real-Time Restoration of Compromised ECU Firmware in Connected and Autonomous VehiclesSecurity and Privacy in Cyber-Physical Systems and Smart Vehicles10.1007/978-3-031-51630-6_2(15-33)Online publication date: 5-Feb-2024
https://doi.org/10.1007/978-3-031-51630-6_2
Li DSun JHuang J(2023)Learning to Drive Software-Defined Solid-State DrivesProceedings of the 56th Annual IEEE/ACM International Symposium on Microarchitecture10.1145/3613424.3614281(1289-1304)Online publication date: 28-Oct-2023
https://dl.acm.org/doi/10.1145/3613424.3614281
Sun JLi SSun YSun CVucinic DHuang JAamodt TJerger NSwift M(2023)LeaFTL: A Learning-Based Flash Translation Layer for Solid-State DrivesProceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 210.1145/3575693.3575744(442-456)Online publication date: 27-Jan-2023
https://dl.acm.org/doi/10.1145/3575693.3575744
Seneviratne YSeemakhupt KLiu SKhan SFedorova ANarayanan DDi Luna GQuerzoni L(2023)NearPM: A Near-Data Processing System for Storage-Class ApplicationsProceedings of the Eighteenth European Conference on Computer Systems10.1145/3552326.3587456(751-767)Online publication date: 8-May-2023
https://dl.acm.org/doi/10.1145/3552326.3587456
Zhou CGuo LHou YMa ZZhang QWang MLiu ZJiang Y(2023)Limits of I/O Based Ransomware Detection: An Imitation Based Attack2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179372(2584-2601)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179372
Xie WChen NChen B(2023)Enabling Accurate Data Recovery for Mobile Devices Against Malware AttacksSecurity and Privacy in Communication Networks10.1007/978-3-031-25538-0_23(431-449)Online publication date: 4-Feb-2023
https://doi.org/10.1007/978-3-031-25538-0_23
Wu JWang YWang JWang HLin T(2023)How does solid‐state drives cluster perform for distributed file systems: An empirical studyConcurrency and Computation: Practice and Experience10.1002/cpe.770935:21Online publication date: Apr-2023
https://doi.org/10.1002/cpe.7709
Reidys BLiu PHuang JFalsafi BFerdman MLu SWenisch T(2022)RSSD: defend against ransomware with hardware-isolated network-storage codesign and post-attack analysisProceedings of the 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems10.1145/3503222.3507773(726-739)Online publication date: 28-Feb-2022
https://dl.acm.org/doi/10.1145/3503222.3507773
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents