Attack Experiment and Analysis for SSD Security Risks

In order to analyze solid state drive (SSD) security risks caused by malicious code in the flash translation layer (FTL), we classify them into five kinds of risks, including data stealing, data destruction, denial of service, attack host and performance reduction. We also analyze this kind of malicious code about its action mechanism and possible forms, and classify malicious code based on its trigger and attack load. We design malicious code and inject it into SSD, implement attack experiment on Windows platform successfully.Attacks result in SSD denial of service and data destruction.Experiment results show that this kind of SSD security risks is real problem and injecting malicious code into SSD can be very imperceptible, SSD users are unable to aware of it. At last we propose a simple and effective countermeasure for this kind of SSD security risks.