wiki:Quarterly-ExptsSec-report-2010y2-1.txt

Version 1 (modified by hxy@cs.ua.edu, 8 years ago) (diff)

--

ExptsSecurity Project Status Report

Title: GENI Experiments for Traffic Capture Capabilities and Security Requirement Analysis
Period: Fourth quarter 2010
Authors: Xiaoyan Hong, Fei Hu, Yang Xiao, University of Alabama

I. Major accomplishments

A. Milestones achieved

We have been working in several directions towards achieving the first milestone of year 2 of the project (4th quarter 2010).

(1) We have run and reported initial experiments designed in Milestone #4 (ExptsSec: S2.d) of Year1 on ProtoGENI/Emulab wireless nodes (reported in the technical documents).

(2) We have been reading documents to study GENI Spiral 2 results. Following the S2 new developments, experiments have been done to repeat and refine some of the previous experiments, and to identify potential new security vulnerabilities. Results are reported in the technical documents.

(3) We have developed revised summary experimentation findings and suggestions as an additional document for reporting.

B. Deliverables made

(1) Presentation at GEC#9. http://groups.geni.net/geni/attachment/wiki/Gec9-ExptsSec.pdf

(2) Dawei Li, Xiaoyan Hong, "Explore ProtoGENI Security Problems From Experimentation", a preparation for submission, Dec 2010. http://groups.geni.net/geni/attachment/wiki/exp-report-dec10-hong.pdf
(3) "Summary Findings and Suggestions", Dec 2010. http://groups.geni.net/geni/attachment/wiki/Dec2010-summary.docx

More here...

II. Description of work performed during last quarter

A. Activities and findings

The results and findings are reported in technical documents. We have generated a few documents that describe the results of our work. The deliverables are listed above. These results are , which spans in three directions, namely, authentication, runtime interaction, and virtual machines, and also covers in extended scope of wireless and new S2 results. These documents include some of the experiments that have been reported in earlier technical documents, but they have more new experiments and results performed following the series of milestones including Y2 milestones. For example, the new experiments that contribute to the Y2 milestone in two directions: first, reporting a repeated experiment about cross-slice communications in ProtoGENI to validate the software fix to an early discovery of the problem; and second, reporting the exploitation of selected potential network protocol vulnerabilities in the wireless testbed.

In these documents we also provide suggestions based on our experiments for improving ProtoGENI security.

Some of the results have been submitted to conferences (one is accepted). Some of the results have been presented in GEC#9 (and other earlier GECs).

Dr. Yang Xiao has supervised a greaduate student for Master These: Fnu Shalini, "PROTOGENI SECURITY: THREATS TO RESOURCES AND RUN-TIME INTERACTIONS", Master Thesis of Computer Science, Dec 2010.

PI Xiaoyan Hong attended and presented results of the experiments at GEC#9 in November 2010. We interacted with other GENI teams during GEC #9 and obtained great feedback from them.

We have two REU students participating in the project since October. They attended GEC#9 and participated in tutorials.

We have used the geni-user mailing-list to interact with ProtoGENI technical personals to solve several problems in our experiments. We still try to install our own virtual machine and reference CM to test security breaches.

B. Project participants

Xiaoyan Hong (PI)
Fei Hu (Co-PI)
Yang Xiao (Co-PI)
Jingcheng Gao (Graduate student)
Dawei Li (Graduate student)
Dong Zhang (Graduate student)
Sneha Rao (Graduate student)
Fnu Shalini (Graduate student)
Darwin Witt (Undergraduate student)
Jason Bowman (Undergraduate student)

C. Publications (individual and organizational)

  1. Gao, Y. Xiao, S. Rao, and F. Shalini, "Security Tests of ProtoGENI and Attack Experimentations," Proceedings of 2011 International Conference on Security Science and Technology (ICSST 2011), Jan 21 -23, Chongqing, China.

D. Outreach activities

We introduced EMULAB in a graduate course of distributed systems in the semester of Fall 2010. Course projects are conducted using Emulab.

Dr. Hong gave a presentation on GENI security and this project at Auburn University in October, 2010.

E. Collaborations

We participated in Cluter C conference-calls.

F. Other Contributions