GEC11 - GENI "Hive Mind" Report ==================================== Period: April 1, 2011 - August 1, 2011 I. Major accomplishments A. Milestones achieved Hive: S3.d Demonstration and outreach at GEC11 (Due 07/31/11) Completed. Sean Peisert, Matt Bishop, and Steven Templeton all attended, represented the project, and are reaching out to other projects. Steven Templeton presented a poster (http://hivemind.cs.ucdavis.edu/_docs_/GEC11-HiveMind.pdf) at the GEC11 poster session since the demos session was cancelled. B. Deliverables made this term n/a II. Description of work performed during the last term A. Activities and findings Having implemented initial prototypes of our Hive Mind concept on ProtoGENI and DETER, our work is now larger, more robust, and more versatile. In particular, we now have built up larger portions of the hierarchy and have a broader range of classifier functions. We have now moved classifiers themselves beyond just the ant concept to a broader concept (e.g., digital birds and bees), due to initial results that show the basic ant model, which is memoryless and does not support direct communication, is insufficient. Thus, even a critical attack such as a DDOS would be difficult for our original ant model to detect. Our current methods take cues from other biological functions and behaviors, such as those from birds and wasps, to enhance our ability to detect attacks. In the current instance of the prototype, GENI experiment slices are swapped in with management a process running on each node. An extra node for security system oversight and reporting is added to the experiment. Experiments are being run to test a variety of performance criteria using Slices of up to 640 nodes. We are using ProtoGENI and DETER test beds and the Benito virtualization framework for our testing. The software is continuing to be developed and expanded and we anticipate a demo of our prototype at GEC 12, assuming a demo session will be held. Wake Forest researchers have also implemented sensor functions for hosts based on the use of GNU Cfengine (http://www.gnu.org/software/cfengine/). We also established a project web site: http://hivemind.cs.ucdavis.edu/ B. Current project participants PI: Sean Peisert (PI; UC Davis) CoPI: Carrie Gates (CA Labs) Senior Personnel Matt Bishop (UC Davis) Students: Steven Templeton (UC Davis) C. Publications (individual and organizational) Steven Templeton, "Security Aspects of Cyber-Physical Device Safety in Assistive Environments," Proceedings of the 4th International Conference on Pervasive Technologies Related to Assisted Environments (PETRA), Crete, Greece, May 25-27, 2011. D. Outreach activities Prof. Peisert is serving as program co-chair of the 4th Workshop on Cyber Security Experimentation and Test (CSET '11) on August 8, 2011: http://www.usenix.org/events/cset11/ This workshop will have considerable discussion of and focus on testbeds, including ProtoGENI. E. Collaborations Collaborators in addition to named subcontractors include Prof. Errin Fulp and his graduate students of Wake Forest University. We are also working with staff at the DETER project, who are facilitating our implementation and experimental work on DETER, and with Rob Ricci, who is facilitating our implementation and experimental work on ProtoGENI. F. Other Contributions N/A