Design, Deployment, and Use of the DETER Testbed

The DETER testbed provides infrastructure for conducting medium-scale repeatable experiments in computer security, especially experiments that involve malicious code. Built using Utah's EMULAB, the DETER testbed has been configured and extended to provide stronger assurances for isolation and containment. This paper provides information on the capabilities of the DETER testbed and discusses the lessons learned from its deployment. Our strategies for containment are described and future plans discussed.
