Design, deployment, and use of the DETER testbed

Authors:
Terry Benzel;Robert Braden;Dongho Kim;Clifford Neuman;Anthony Joseph;Keith Sklower;Ron Ostrenga;Stephen Schwab
Affiliations:
USC Information Sciences Institute;USC Information Sciences Institute;USC Information Sciences Institute;USC Information Sciences Institute;University of California at Berkeley;University of California at Berkeley;SPARTA, Inc.;SPARTA, Inc.
Venue:
DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
Year:
2007

Citing 12
Cited 17

A cryptographic file system for UNIX

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
The Click modular router

Proceedings of the seventeenth ACM symposium on Operating systems principles
Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory

ACM Transactions on Information and System Security (TISSEC)
Difficulties in simulating the internet

IEEE/ACM Transactions on Networking (TON)
A framework for classifying denial of service attacks

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Cyber defense technology networking and evaluation

Communications of the ACM - Homeland security
Combining visual and automated data mining for near-real-time anomaly detection and analysis in BGP

Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
A hybrid quarantine defense

Proceedings of the 2004 ACM workshop on Rapid malcode
An integrated experimental environment for distributed systems and networks

OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
A plan for malware containment in the DETER testbed

DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
A DETER federation architecture

DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
On credibility of simulation studies of telecommunication networks

IEEE Communications Magazine

A plan for malware containment in the DETER testbed

DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
Emulating an embedded firewall

DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
Building a network testbed for internet security research

Journal of Computing Sciences in Colleges
Spamulator: the Internet on a laptop

Proceedings of the 13th annual conference on Innovation and technology in computer science education
Outfitting an inter-AS topology to a network emulation testbed for realistic performance tests of DDoS countermeasures

CSET'08 Proceedings of the conference on Cyber security experimentation and test
Experiences in emulating 10K AS topology with massive VM multiplexing

Proceedings of the 1st ACM workshop on Virtualized infrastructure systems and architectures
Understanding TCP incast throughput collapse in datacenter networks

Proceedings of the 1st ACM workshop on Research on enterprise networking
Experiences in developing and applying a software engineering technology testbed

Empirical Software Engineering
Role-Based Symmetry Reduction of Fault-Tolerant Distributed Protocols with Language Support

ICFEM '09 Proceedings of the 11th International Conference on Formal Engineering Methods: Formal Methods and Software Engineering
AnomBench: a benchmark for volume-based internet anomaly detection

GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Open CirrusTMcloud computing testbed: federated data centers for open source systems and services research

HotCloud'09 Proceedings of the 2009 conference on Hot topics in cloud computing
Mencius: building efficient replicated state machines for WANs

OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Isolated virtualised clusters: testbeds for high-risk security experimentation and training

CSET'10 Proceedings of the 3rd international conference on Cyber security experimentation and test
MACE: model-inference-assisted concolic exploration for protocol and vulnerability discovery

SEC'11 Proceedings of the 20th USENIX conference on Security
Combat model-based DDoS detection and defence using experimental testbed: a quantitative approach

International Journal of Intelligent Engineering Informatics
On efficient models for model checking message-passing distributed protocols

FMOODS'10/FORTE'10 Proceedings of the 12th IFIP WG 6.1 international conference and 30th IFIP WG 6.1 international conference on Formal Techniques for Distributed Systems
MobiCloud: a geo-distributed mobile cloud computing platform

Proceedings of the 8th International Conference on Network and Service Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

The DETER testbed provides infrastructure for conducting medium-scale repeatable experiments in computer security, especially experiments that involve malicious code. Built using Utah's EMULAB, the DETER testbed has been configured and extended to provide stronger assurances for isolation and containment. This paper provides information on the capabilities of the DETER testbed and discusses the lessons learned from its deployment. Our strategies for containment are described and future plans discussed.