ViSe : The Virtual Security Testbed

Traditional means of testing Intrusion Detection Systems (IDSs) require the creation of isolated physical test networks (testbeds) using machines that must be individually configured for each test. This process becomes cumbersome and resource-intensive when malicious attacks, launched against the pre-configured systems, cause significant harm and require the reinstallation of software before testing may continue. Virtual testbeds can minimize many of these costs and greatly increase the testing efficiency while accurately replicating physical environments. ViSe, a virtual security testbed, is a unique solution to the problem of security testing. ViSe’s broad base of installed operating systems(OSs) and vulnerable applications provides an environment where researchers can test real attacks against vulnerable systems in a reliable and efficient manner.

[1]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .

[2]  John McHugh,et al.  Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory , 2000, TSEC.

[3]  Mike Hibler,et al.  An integrated experimental environment for distributed systems and networks , 2002, OPSR.

[4]  Jesse C. Rabek,et al.  LARIAT: Lincoln adaptable real-time information assurance testbed , 2002, Proceedings, IEEE Aerospace Conference.

[5]  Dejan Kostic,et al.  Scalability and accuracy in a large-scale network emulator , 2002, CCRV.

[6]  Marianne Shaw,et al.  Scale and performance in the Denali isolation kernel , 2002, OSDI '02.

[7]  Xuxian Jiang,et al.  vBET: a VM-based emulation testbed , 2003, MoMeTools '03.

[8]  Christopher Krügel,et al.  On the Detection of Anomalous System Call Arguments , 2003, ESORICS.

[9]  HarrisTim,et al.  Xen and the art of virtualization , 2003 .

[10]  Niels Provos,et al.  Honeyd : A Virtual Honeypot Daemon ( Extended Abstract ) , 2003 .

[11]  Joshua W. Haines,et al.  LLSIM: network simulation for correlation and response testing , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[12]  Giovanni Vigna,et al.  An experience developing an IDS stimulator for the black-box testing of network intrusion detection systems , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[13]  Giovanni Vigna,et al.  Testing network-based intrusion detection signatures using mutant exploits , 2004, CCS '04.

[14]  Helen J. Wang,et al.  Virtual Playgrounds for Worm Behavior Investigation , 2005, RAID.

[15]  Larry L. Peterson,et al.  The design principles of PlanetLab , 2006, OPSR.