SHIELD: New Hardware-Based Ransomware Detection System
🛡️ SHIELD: A New Approach to Ransomware Detection Using Hardware Isolation

The SHIELD architecture introduces a tamper-resistant solution for detecting ransomware and other malware by leveraging FPGA-based open-source SATA and Network Block Device (NBD) technology. Unlike traditional methods that depend on a host that may itself be compromised, SHIELD operates off-host, continuously monitoring disk activity to differentiate between benign and malicious software. It offers a framework for analyzing multi-level hardware metrics and enhances an open-source FPGA-driven SATA Host Bus Adapter to provide comprehensive data storage capabilities. Experimental results demonstrate SHIELD's effectiveness in real-time monitoring and its potential for integration with machine learning for advanced threat mitigation in data storage devices.
