= VMI-FED Project Status Report = Period: January 1 – March 31, 2010 (Q1 2010) '''Overview''' This QSR documents the progress by the University of Alaska Fairbanks (UAF) for Project Number 1773, Virtual Machine Introspection (VMI) and Development of a Model Federation Framework (MFF) for GENI, a.k.a. VMI-FED. UAF successfully demonstrated VMI functionality at the seventh GENI Engineering Conference (GEC7), and is expanding VMI’s role in instrumentation and measurement by studying VMI functionality on virtual machine node clusters. We recently began examining ORCA-BEN (Cluster D) as a suitable candidate to port our VMI tools into because of its Xen-based control structure. Furthermore, we are studying PlanetLab’s (Cluster B) myPLC control framework on an isolated network to configure the VMI library for VServer implementations. In addition, we are continuing our resource analysis of the network ecosystem of the University of Alaska, a sample of which was posted February 1, 2010. Once complete, we will create a classification system that encompasses the myriad of resource types that exist across the state of Alaska. Furthermore, we are expanding our contact list to include more == I. Major accomplishments == === A. Milestones achieved === We installed myPLC from Planet Lab Central and a node cluster onto our server in order to study Virtual Machine Introspection (VMI) on Virtual Server (VServer), . We created a website at http://assert.uaf.edu/geni/ to allow for us to increase awareness of our project, and allow for a more organized and flexible way of distributing information about our project. Four members of the team attended GEC7. A demonstration of VMI working was performed, posters were displayed and a handout was distributed to further spread knowledge of our project. === B. Deliverables made === Milestone VMI-FED: S2.b ASSERT doc Completed: (02/01/10) Finalized and posted ASSERT Virtualization Resource Analysis Document for review by GENI researchers and personnel. == II. Description of work performed during last quarter == === A. Activities and findings === We are continuing our resource analysis of the network ecosystem of the University of Alaska. Once complete, we will create a classification system that encompasses the myriad of resource types that exist across the state of Alaska. The first component we plan to federate into GENI from UAF is the Advanced System Security Education, Research and Training (ASSERT) lab. To this end, we created a resource analysis of this lab and posted it for the GENI community to review and provide feedback. Furthermore, we are continually cultivating our university contact list, identifying available resources, and determining how GENI federation can form mutually beneficial community partnerships. Specifically, our contacts have supplied information about the network connections across the UA network and many resources across UAF, which is one of three main campuses that comprise UA. In addition, we have made some progress in VMI. We recently began examining ORCA-BEN (Cluster D) as a candidate to port our VMI tools into, since VMI and ORCA are Xen-based. Furthermore, we are studying myPLC from PlanetLab (Cluster D) in order to port VMI to VServer-based infrastructures. VServer is efficient and scalable for virtual machine creation, and we intend to retool our VMI library to facilitate further study. === B. Project participants === MFF Principal Investigator [[BR]] Dr. Kara Nance klnance@alaska.edu MFF Principal Investigator[[BR]] Dr. Jon Genetti jdgenetti@alaska.edu VMI Principal Investigator[[BR]] Dr. Brian Hay brian.hay@alaska.edu MFF Research Assistant Lead[[BR]] Donald Kline dpkline@alaska.edu VMI Research Assistant Lead[[BR]] John Quan jquan2@alaska.edu VMI Research Assistant[[BR]] Greg Klupar gjklupar@alaska.edu === C. Publications (individual and organizational) === Nance, K., H. Armstrong, and C. Armstrong. Developing a Research Agenda to Improve Digital Forensics Education. Digital Forensics Minitrack of 43rd Hawaii International Conference on Systems Sciences. January 2010. Hay, B., and Hecker, C. Securing E-Government Assets Through Automating Deployment of Honeynets for IDS Support. Information Security Minitrack of 43rd Hawaii International Conference on Systems Sciences. January 2010. Hay, B. Applications of Virtualization to Digital Forensics Education. Digital Forensics Minitrack of 43rd Hawaii International Conference on Systems Sciences. January 2010. === D. Outreach activities === Dr. Kara Nance chaired the Digital Forensics Minitrack at the Hawaii International Conference on Systems Sciences where GENI was discussed as a component of the digital forensics research agenda. Dr. Brian Hay chaired the Virtualization Minitrack at the Hawaii International Conference on Systems Sciences where virtual machine introspection was discussed, as was VIX, a component of GENI. Repeated attempts to further the research collaborations discussed at the US-Japan Workshop on Future Networks went unanswered by the potential collaborators. Dr. Kara Nance gave two invited presentations on the current state of cybersecurity from a national perspective which included discussions of the GENI Project as well as discussions of virtual machine introspection and emerging cybersecurity threats. Her participation was at the invitation of the Office of the Director of National Intelligence. February 10-11, 2010 East West Center Office of the Director of National Intelligence Regional Colloquium University of Hawaii, Manoa Honolulu, HI February 24, 2010 Georgia Tech Office of the Director of National Intelligence Regional Colloquium Georgia Institute of Technology Atlanta, GA === E. Collaborations === We are studying SeattleGENI (MillionNodeGENI), by the University of Washington, as one way to motivate users to federate resources into GENI. By donating resources to SeattleGENI, contributors are able to perform their own experiments on shared resources. Universities also may find SeattleGENI appealing because of its tested use as part of a course curriculum in multiple universities across the United States and Europe. We performed impact tests with this software and discovered that the software's host resource use is almost unnoticeable with the default settings, even in the performance logs. We are currently brainstorming a list of security tests to perform on this software to demonstrate this product's stability. === F. Other Contributions === === G. Goals === The primary short-term goal for VMI research is to load the ORCA control framework onto the ASSERT lab and study the node clusters with VMI. This is directly related to our next milestone, which is a demonstration of initial VMI library on cluster nodes at UA (Due: 5/01/2010). Once complete, our second short-term goal is to integrate VServer functionality into VMI. On the federation side, our goals are to further investigate UA resources , especially focusing on University of Anchorage, Juneau, and the rural campuses. This will facilitate the 7/15/2010 deliverable, which is to finalize the initial UA resource analysis summary document. In addition, we will create a survey to distribute to the GENI community and other groups of users who will potentially use the Model Federation Framework (MFF) to federate resources into GENI. This will allow us to make a MFF that better suits the end-user's needs.