Hackers are ruthless. They can take control of your computer, delete files and disappear without a trace.
FIU cybersecurity researcher Weidong Zhu has discovered a way to transform a computer's storage chip into an additional tool for cyber defense. Working with collaborators at the University of Florida, Zhu created a system that makes data on these chips last longer — extending the lifespan of your files in the critical window after your computer is compromised.
"Our system extends recoverable data history up to 126 days," said Zhu, an assistant professor at FIU's Knight Foundation School of Computing & Information Sciences whose work is part of the Center for Integrated Security, Privacy, and Trustworthy AI (CIERTA). "Even if your computer is infected, your data can survive on your drive."
Storage chips, known as solid-state drives (SSDs), have intrigued cybersecurity researchers for years. As hardware — not software — they offer unique safety benefits during an attack.
"Think of it like a vault inside a bank," Zhu said. "The bank [operating system] might get robbed, but if the vault [SSD controller] has its own independent lock and its own security guard, the robbers can't crack it just because they got past the front door."
However, turning that security potential into real-world value has proven difficult.
Repurposing a solid-state drive to do both defense and storage is tricky. Defense improvements can burden the SSDs, slowing them down and reducing performance. Without solving that problem, the chips aren't practical for cybersecurity.
"This is the problem we have solved, helping to clear the way for storage devices to become a major asset in the fight against hackers," Zhu said.
The Innovation
Current SSDs perform what engineers call "garbage collection" blindly: they have no awareness of when data was deleted, making them poor custodians of the files most likely to have been targeted in an attack.
To understand why that matters, think of the data on your computer as living across different worlds.
In the first world lives everything you use: your documents, your photos, your apps. Then, there's a world of oblivion: data there is gone forever, overwritten at the hardware level, irrecoverable by anyone.
But there is a second world in between the two. Call it the In-Between (Stranger Things fans, this one's for you): a kind of purgatory where files go after you delete them, but before the chip permanently erases them to free up space. Here, your deleted files aren't quite gone. They've lost their names and file types to conserve room on the chip, but they still exist in fragments.
This is the world that Zhu is fascinated by. If an attacker deletes or encrypts your files, you can reach into the In-Between and pull your data back out before it disappears forever.
The problem is today's SSDs manage the In-Between carelessly.
When the chip fills up past a certain threshold, it clears out deleted data to make room for new files. But it makes that decision based on efficiency alone: which data looks the most fragmented, and which takes up the most space. It has no awareness of how recently files were deleted.
That is a serious problem if your computer just suffered a ransomware attack. The files you most urgently need to recover — the ones deleted yesterday, or an hour ago — could be swept away first, while unimportant files that have been sitting untouched for weeks survive.
Zhu's system fixes this. By sequencing deleted data chronologically as it enters the chip so its position reflects its age, the SSD gains the ability to identify which files have been sitting in the In-Between the longest. The new rule for garbage collection becomes simple: oldest deleted data goes first. More recently deleted files that are the most likely to matter stay protected as long as possible.
The research shows the approach improves the data protection window by at least 60% while introducing minimal performance overhead. In other words, the system makes SSDs practical for both defense and storage.
Today, Zhu's is in talks with industry leaders on how to implement the system at scale.
"Hackers are powerful. But the storage device itself can be the last line of defense for your data. This is a new area, and we are just beginning," Zhu says.
