[[PageOutline]] == Project Number == 1783 == Project Title == GENI Experiments for Traffic Capture Capabilities and Security Requirement Analysis [[BR]] a.k.a. !ExptsSecurity === Technical Contacts === Principal Investigator Xiaoyan Hong hxy@cs.ua.edu [[BR]] Co-PI: Fei Hu fei@eng.ua.edu [[BR]] Co-PI: Yang Xiao yangxiao@ieee.org === Participating Organizations === Department of Computer Science [[BR]] The University of Alabama, Box 870290 [[BR]] Tuscaloosa, AL 35487[[BR]] [[BR]] Department of Electrical and Computer Engineering [[BR]] The University of Alabama, Box 870286 [[BR]] Tuscaloosa, AL 35487 === GPO Liaison System Engineer === Vic Thomas vthomas@geni.net == Scope == This effort will help define GENI security requirements based on investigations through ProtoGENI experiments using at least two aggregates, one of which will be a wireless aggregate. The investigations will use network traffic capture and analysis under both normal and misbehaving situations. The well-articulated experiments will analyze the security and privacy characteristics, test GENI traffic recording and capture tools (following the results from Spiral I and II), and make suggestions for improvements to the ProtoGENI control framework with special emphasis on security improvements. === Current Capabilities === BRIEF descriptions of resources/functions/tools that are available to anyone in the GENI community === Milestones === * [[MilestoneDate(ExptsSec: S4.a Report on results of experiments designed in Yr. 2)]] Click [http://groups.geni.net/geni/attachment/wiki/ExptsSecurityAnalysis/ExptsSec-milestone-s3d-a.pdf here] for the document and Click [http://groups.geni.net/geni/wiki/Quarterly-ExptsSec-GEC12report.txt here] for GEC 12 progress report. * [[MilestoneDate(ExptsSec: S4.b Security experiments using cloud resources in GENI)]] Click [http://groups.geni.net/geni/attachment/wiki/ExptsSecurityAnalysis/ExptsSec-milestone-s4b.pdf here] for the document and Click [http://groups.geni.net/geni/wiki/Quarterly-ExptsSec-GEC13report.txt here] for GEC 13 progress report. * [[MilestoneDate(ExptsSec: S4.c Report of the experiments designed in Milestone b)]] Click [http://groups.geni.net/geni/attachment/wiki/ExptsSecurityAnalysis/Milestone-s4c-Report.pdf here] for analysis on key management and authentication. * [[MilestoneDate(ExptsSec: S4.d Report summarizing results of security experiments)]] Click [http://groups.geni.net/geni/attachment/wiki/ExptsSecurityAnalysis/Milestone-s4d-Report.pdf here] for suggestions on key management and access control. == Project Technical Documents == [attachment:ExptsSec-designdoc-1.pdf Description of planned security experiments] [[BR]] [attachment:ExptsSec-designdoc-revised.pdf Revised description of planned security experiments] [[BR]] [attachment:ExptsSec-gec7.pdf Presentation at GEC7] [[BR]] [attachment:ExptsSec-initialExpts-findings.pdf Report on initial experiments and findings] [[BR]] [attachment:ExptsSec-milestone3-findings.pdf Report on experimentation exploiting vulnerabilities and validating vulnerability hypotheses] [[BR]] [attachment:ExptsSec-gec8.pdf Presentation at GEC8] [[BR]] [attachment:Spiral2-Project-Review-ExptsSec-27Aug10.pptx Spiral 2 Year-end Project Review] [[BR]] [attachment:ExptsSec-milestone4.pdf Report on experiment design to extend the scope to wireless nodes] [[BR]] [attachment:Gec9-ExptsSec.pdf Presentation at GEC9] [[BR]] [attachment:exp-report-dec10-hong.pdf Explore ProtoGENI Security Problems From Experimentation, Dawei Li, Xiaoyan Hong, a preparation for submission, Dec 2010. ] [[BR]] [attachment:Dec2010-summary.pdf Summary Findings and Suggestions] [[BR]] [attachment:GEC10-presentation.pdf Presentation at GEC10] [[BR]] [attachment:acmse2011_attachment_52.pdf Report of recent results and suggestions for S3.b. ] [[BR]] [attachment:ExptsSec-milestone-s3c.pdf Report of results and suggestions for S3.c] [[BR]] [attachment:ExptsSec-milestone-s3d-a.pdf Report of results and suggestions for S3.d] [[BR]] [attachment:GEC12-exptsSeca.pdf GEC12 presentation] [[BR]] [attachment:ExptsSec-milestone-s4b.pdf Deliverable (results of analysis and experiments) for S4.b] [[BR]] [attachment:Milestone-s4c-Report.pdf S4.c deliverable (analysis on key management and authentication)] [[BR]] [attachment:Milestone-s4d-Report.pdf S4.d deliverable (suggestions on key management and access control)] [[BR]] === Quarterly Status Reports === [wiki:ExptsSecurityAnalysis-4Q09-status December 2009 report] [[BR]] [wiki:Quarterly-ExptsSec-report-2.txt March 2010 report] [[BR]] [wiki:Quarterly-ExptsSec-report-3.txt June 2010 report] [[BR]] [wiki:Quarterly-ExptsSec-report-2010y2-1.txt GEC9 2010 report] [[BR]] [wiki:Quarterly-ExptsSec-report-2011a.txt GEC10 2011 report] [[BR]] [wiki:Quarterly-ExptsSec-report-2011b.txt GEC11 2011 report] [[BR]] [wiki:Quarterly-ExptsSec-GEC12report.txt GEC12 2011 report] [[BR]] [wiki:Quarterly-ExptsSec-GEC13report.txt GEC13 2012 report] [[BR]] [wiki:Quarterly-ExptsSec-GEC14report.txt GEC14 2012 report] [[BR]] [wiki:Quarterly-ExptsSec-GEC15report.txt GEC15 2012 report] [[BR]] [wiki:Quarterly-ExptsSec-GEC16report.txt GEC16 2012 report] [[BR]] === Spiral 2 Connectivity === To be reviewed: Layer 3 connectivity to ProtoGENI clearinghouse. Layer 3 connectivity to provision resources used by experiments. Layer 2/3 connectivity between resources used in experiment. === Related Projects === Includes non-GENI projects.