The threats of destructive ransomware keep increasing and current security facilities (firewall, IDS/IPS, etc.) and backup systems cannot effectively protect data from the attacks in real time. In this paper, we propose a secure container-based backup mechanism to survive destructive ransomware attacks. In the mechanism, the backup process takes place in a highly restricted local docker container and only the container can access both source and backup data stored in the local and remote storages. That is, the host is only allowed to access the source data and the container is only allowed to perform backup process without any other communications. Consequently, any other processes in the host cannot access the backup data stored in the container and the remote storage. Thus even if the host and the container are completely destroyed, the data can be recovered from the remote storage. We implemented a prototype system and confirmed that it can backup data with high usability and store the backup data securely.
各種検索
サポート
ヘルプ