Changes between Initial Version and Version 1 of Quarterly-ExptsSec-report-2010y2-1.txt


Ignore:
Timestamp:
03/31/11 20:06:55 (13 years ago)
Author:
hxy@cs.ua.edu
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • Quarterly-ExptsSec-report-2010y2-1.txt

    v1 v1  
     1[[PageOutline]]
     2
     3= ExptsSecurity Project Status Report =
     4
     5'''Title:''' GENI Experiments for Traffic Capture Capabilities and Security Requirement Analysis [[BR]]
     6'''Period: Fourth quarter 2010''' [[BR]]
     7'''Authors:'''  Xiaoyan Hong, Fei Hu, Yang Xiao, University of Alabama [[BR]]
     8
     9== I. Major accomplishments ==
     10
     11=== A. Milestones achieved ===
     12
     13We have been working in several directions towards achieving the first milestone of  year 2 of the project (4th quarter 2010).  [[BR]]
     14
     15(1)  We have run and reported initial  experiments designed in Milestone #4 (ExptsSec: S2.d)
     16of Year1 on ProtoGENI/Emulab wireless nodes (reported in the technical documents). [[BR]]
     17
     18(2) We have been reading documents to study GENI Spiral 2 results. Following the S2 new developments, experiments have been done to repeat and refine some of the previous experiments, and to identify potential new security vulnerabilities. Results are reported in the technical documents. [[BR]]
     19
     20(3) We have developed revised summary experimentation findings and suggestions as an additional document for  reporting.  [[BR]]
     21
     22
     23=== B. Deliverables made ===
     24
     25
     26(1) Presentation at GEC#9.   http://groups.geni.net/geni/attachment/wiki/Gec9-ExptsSec.pdf [[BR]]
     27
     28
     29(2) Dawei Li, Xiaoyan Hong,  "Explore ProtoGENI Security Problems From Experimentation", a preparation for submission, Dec 2010.  http://groups.geni.net/geni/attachment/wiki/exp-report-dec10-hong.pdf [[BR]]
     30 
     31(3) "Summary Findings and Suggestions", Dec 2010. http://groups.geni.net/geni/attachment/wiki/Dec2010-summary.docx [[BR]]
     32
     33More here...  [[BR]]
     34
     35== II. Description of work performed during last quarter ==
     36
     37=== A. Activities and findings ===
     38
     39
     40The results and findings are reported in technical documents.  We have generated a few documents that describe the results of our work.  The deliverables are listed above.  These results are , which spans in three directions, namely, authentication, runtime interaction, and virtual machines,  and also covers in extended scope of wireless and new S2 results.  These documents  include some of the experiments that have been reported in earlier technical documents, but they have more new  experiments and results performed following the series of  milestones including Y2 milestones.  For example,  the  new experiments that contribute to the Y2 milestone in two directions: first, reporting a repeated experiment about cross-slice communications in ProtoGENI  to validate  the software fix to an early discovery of  the problem; and second, reporting  the exploitation of selected potential network protocol vulnerabilities in the  wireless  testbed.       
     41
     42In these documents we also provide suggestions based on our experiments for improving ProtoGENI security. 
     43
     44Some of the results have been submitted to conferences (one is accepted).   Some of the results have been presented in GEC#9 (and other earlier GECs).
     45
     46Dr. Yang Xiao has supervised a greaduate student for Master These:   Fnu Shalini, "PROTOGENI SECURITY: THREATS TO RESOURCES AND RUN-TIME INTERACTIONS", Master Thesis of Computer Science,   Dec 2010.       [[BR]]
     47
     48
     49PI Xiaoyan Hong attended and presented results of the experiments at GEC#9 in November 2010. We interacted with other GENI teams during  GEC #9 and obtained great feedback from them.  [[BR]]
     50
     51
     52We have two REU students participating in the project since October. They attended GEC#9 and participated in tutorials. [[BR]]
     53
     54
     55We have used the geni-user mailing-list to interact with ProtoGENI technical personals to solve several problems in our experiments. We still try to install our own virtual machine and reference CM to test security breaches. 
     56
     57
     58
     59=== B. Project participants ===
     60
     61Xiaoyan Hong (PI) [[BR]]
     62Fei Hu (Co-PI) [[BR]]
     63Yang Xiao (Co-PI) [[BR]]
     64Jingcheng Gao (Graduate student) [[BR]]
     65Dawei Li (Graduate student) [[BR]]
     66Dong Zhang (Graduate student) [[BR]]
     67Sneha Rao (Graduate student) [[BR]]
     68Fnu Shalini (Graduate student) [[BR]]
     69Darwin Witt (Undergraduate student) [[BR]]
     70Jason Bowman (Undergraduate student) [[BR]]
     71
     72
     73=== C. Publications (individual and organizational) ===
     74
     75J. Gao, Y. Xiao, S. Rao, and F. Shalini, "Security Tests of ProtoGENI and Attack Experimentations," Proceedings of 2011 International Conference on Security Science and Technology (ICSST 2011), Jan 21 -23, Chongqing, China.  [[BR]]
     76   
     77
     78=== D. Outreach activities ===
     79
     80We introduced EMULAB in a graduate course of distributed systems in the semester of Fall 2010.  Course projects are conducted using Emulab.
     81
     82Dr. Hong gave a presentation on GENI security and this project at Auburn University in October, 2010. [[BR]]
     83
     84
     85=== E. Collaborations ===
     86
     87We participated in Cluter C conference-calls. [[BR]]
     88
     89
     90=== F. Other Contributions ===