NSF Award
2317563
In the current data era, massive amount of data is generated at an unprecedented speed. The total amount of data created, and used globally in the year 2022 was estimated to be 97 zettabytes and projected to grow to 181 zettabytes by the year 2025. The extremely large data size poses enormous challenges to data operations and in particular to NAND flash memory deletion. Due to the unique architecture of NAND array, current NAND flash storage systems cannot utilize the standard overwrite-based erasure techniques but instead use a resource-light deletion operation, such as all-zero scrubbing, which could become vulnerable for data leakage. The deleted data can still be partially recovered by carefully analyzing the analog reading of the memory bits. Addressing the vulnerability of flash memory deletion requires a deeper understanding on how an adversary could exploit the analog reading of a flash memory to reconstruct the original deleted information. To achieve this goal, this research studies on how an adversary can use machine learning techniques to recover deleted information from flash storage. The project’s novelties are to apply machine learning techniques to validate the efficacy of reconstructing original data from scrubbed flash memory and to evaluate the susceptibility of various data types to adversary attacks. The project's broader significance and importance are: The research findings will led to more trusted data cleaning methods deemed secure and irrecoverable after scrubbing. The flash memory manufacturers can directly benefit from such findings and secure their memory scrubbing processes. A direct outcome of this project will be the training of two graduate students with research experiences in cybersecurity and machine learning.<br/><br/>By applying analog reading techniques to classify deleted bits as strong or weak zeros, it was shown that a deleted image in flash memory can be restored to a recognizable level. An adversary can easily use machine learning techniques to reconstruct deleted information from flash memory. The feasibility of reconstruction is greatly influenced by the detection thresholds and types of data used, as they exhibit varying degrees and types of continuity that may determine the success of ML models.<br/><br/>This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
