Presentation is loading. Please wait.

Presentation is loading. Please wait.

Comparison to existing state of security experimentation

Published byふじきみ すずがみね Modified over 5 years ago

Similar presentations

Presentation on theme: "Comparison to existing state of security experimentation"— Presentation transcript:

1 Comparison to existing state of security experimentation
Cyber Defense Technology Experimental Research Network (DETER) The DETER testbed provides general-purpose, remotely accessible and partitionable experimental infrastructure to support the development and demonstration of next-generation information security technologies. It is designed to support repeatable experiments in computer security, especially those experiments that involve malicious code. DETER Testbed Architecture Built using Utah’s EMULAB, the DETER testbed has been configured and extended to provide stronger assurances for isolation and containment.. The DETER testbed supports a community of academic, government, and industrial researchers who collaborate and build upon one anothers prior work to run reproducible experiments on system and network attack response and countermeasures. Nodes count: 139 at USC and 62 at Berkeley (9/7/2005) Comparison to existing state of security experimentation Previous approaches Dedicated resources for each researcher. Lack of scientific rigor, poor controls. Difficult to reproduce conditions using open networks. Hard to compare results from different experiments. Danger to the internet from uncontained experiments. DETER approach Shared resources available to community of researchers. Isolation from public internet and from other experiments provides stronger controls. Provides better reproducibility of experiments. Serves as a repository for experiment inputs, traces, topology, software configuration, and network environment. Securely isolated environment for dangerous code. DETER Goals Resources: provide broad library of background & attack traffic traces, traffic & topology generators, experimental profiles, & instrumentation facilities. Reproducibility: repeatable conditions for experiment. Programmability: able to try new algorithms. Scalability: growth in nodes & interconnection of sites. Isolation: To prevent interference to experiments by other experiments or events external to testbed. Containment: To prevent exfiltration from testbed. Confidentiality & Integrity: To protect traces and other inputs, & to protect experimental results. The DETER Testbed This work was supported by funding from the National Science Foundation and the Department of Homeland Security under contract numbers ANI (DETER) and CNS (DECCOR). Opinions, findings, conclusions and recommendations expressed in this paper are those of the authors and do not necessarily reflect the views of the National Science Foundation (NSF).

Download ppt "Comparison to existing state of security experimentation"

Similar presentations

TIED: A Cluster of One TIED: Trial Integration Environment DETER built on.

TIED: A Cluster of One TIED: Trial Integration Environment DETER built on.
METHODOLOGY FOR IDENTIFYING NEAR-OPTIMAL INTERDICTION STRATEGIES FOR A POWER TRANSMISSION SYSTEM Vicki M. Bier, Eli Robert Gratz, Naraphorn J. Haphuriwat,

METHODOLOGY FOR IDENTIFYING NEAR-OPTIMAL INTERDICTION STRATEGIES FOR A POWER TRANSMISSION SYSTEM Vicki M. Bier, Eli Robert Gratz, Naraphorn J. Haphuriwat,
I would like to thank Louis P. Wilder and Dr. Joseph Trien for the opportunity to work on this project and for their continued support. The Research Alliance.

I would like to thank Louis P. Wilder and Dr. Joseph Trien for the opportunity to work on this project and for their continued support. The Research Alliance.
The Challenges of Repeatable Experiment Archiving – Lessons from DETER Stephen Schwab SPARTA, Inc. d.b.a. Cobham Analytic Solutions May 25, 2010.

The Challenges of Repeatable Experiment Archiving – Lessons from DETER Stephen Schwab SPARTA, Inc. d.b.a. Cobham Analytic Solutions May 25, 2010.
Design Deployment and Use of the DETER Testbed Terry Benzel, Robert Braden, Dongho Kim, Clifford Informatino Sciences Institute 2008. 10. 22.

Design Deployment and Use of the DETER Testbed Terry Benzel, Robert Braden, Dongho Kim, Clifford Informatino Sciences Institute
Lecture 7 Page 1 CS 236, Spring 2008 Proving It CS 236 Advanced Computer Security Peter Reiher May 13, 2008.

Lecture 7 Page 1 CS 236, Spring 2008 Proving It CS 236 Advanced Computer Security Peter Reiher May 13, 2008.
Embedded in a nanomanufacturing research center Librarians & Scholarly Communication: New Roles and Services Jessica Adamick InterNano Project Manager.

Embedded in a nanomanufacturing research center Librarians & Scholarly Communication: New Roles and Services Jessica Adamick InterNano Project Manager.
1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson

1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson
Cluster Computing and Genetic Algorithms With ClusterKnoppix David Tabachnick.

Cluster Computing and Genetic Algorithms With ClusterKnoppix David Tabachnick.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
A Virtual Environment for Investigating Counter Measures for MITM Attacks on Home Area Networks Lionel Morgan 1, Sindhuri Juturu 2, Justin Talavera 3,

A Virtual Environment for Investigating Counter Measures for MITM Attacks on Home Area Networks Lionel Morgan 1, Sindhuri Juturu 2, Justin Talavera 3,
Testing Intrusion Detection Systems: A Critic for the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory By.

Testing Intrusion Detection Systems: A Critic for the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory By.
A Critical Infrastructure Testbed for Cybersecurity Research and Education Ai Onda, Kalana Pothuvila, Joseph Urban, and Jordan Berg Abstract Awareness.

A Critical Infrastructure Testbed for Cybersecurity Research and Education Ai Onda, Kalana Pothuvila, Joseph Urban, and Jordan Berg Abstract Awareness.
The LOGIIC Consortium Zachary Tudor, CISSP, CISM, CCP Program Director SRI International.

The LOGIIC Consortium Zachary Tudor, CISSP, CISM, CCP Program Director SRI International.
 An Overview of IE 4382/5382 Cybersecurity for Information Systems Susan D. Urban, Ph.D Department of Industrial Engineering Texas Tech University Lubbock,

 An Overview of IE 4382/5382 Cybersecurity for Information Systems Susan D. Urban, Ph.D Department of Industrial Engineering Texas Tech University Lubbock,
Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity for Critical Infrastructure Course Flow Diagrams May 2-3, 2013 Support.

Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity for Critical Infrastructure Course Flow Diagrams May 2-3, 2013 Support.
Safe Computing Outreach Joseph Howard Undergraduate Research Assistant 05/01/2015 Disclaimer: This research was supported by the National Science Foundation.

Safe Computing Outreach Joseph Howard Undergraduate Research Assistant 05/01/2015 Disclaimer: This research was supported by the National Science Foundation.
Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.

Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.
Event Stream Processing for Intrusion Detection in ZigBee Home Area Networks Sandra Pogarcic, Samujjwal Bhandari, Kedar Hippalgaonkar, and Susan Urban.

Event Stream Processing for Intrusion Detection in ZigBee Home Area Networks Sandra Pogarcic, Samujjwal Bhandari, Kedar Hippalgaonkar, and Susan Urban.

Similar presentations

Ads by Google