ExptsSecurity Project Status Report

Title: GENI Experiments for Traffic Capture Capabilities and Security Requirement Analysis

Period: Second quarter 2010

Authors: Xiaoyan Hong, Fei Hu, Yang Xiao, University of Alabama

I. Major accomplishments

A. Milestones achieved

We are working towards achieving the milestone ExptsSec: S2.c, which is due by July 9. For this milestone, we will report further experiments that validate vulnerability hypotheses in ProtoGENI, and simple scripts we used in a couple experiments. In the report we will provide suggestions based on our experiments for improving ProtoGENI security.

B. Deliverables made

The deliverables made for milestone ExptsSec: S2.c will be due on July 9. They include:

(1) Document reporting the experiments based on the revised experimentation plans delivered by Milestone 2. It includes experiment steps, the findings on the corresponding security vulnerabilities, and suggestions.

(2) Simple scripts (in a zipped file) that helped in conducting a couple of experiments.

II. Description of work performed during last quarter

A. Activities and findings

We have run several experiments based on the revised experimentation plans delivered in Milestone 2. They include the experiments in three directions, namely, authentication, runtime interaction, and virtual machines. Especially, some of the experiments have followed the development of ProtoGENI, such as virtual node. We tried to install our own virtual machine and reference CM to test security breaches. We analyzed more test scripts for potential experiments. We have used the geni-user mailing-list to interact with ProtoGENI technical personals to solve several problems in our experiments. The results and findings will be reported in a separate document soon. In addition, they will be presented in GEC8.

The PIs and participating students held regular meetings to discuss experiment activities, related security issues and ProtoGENI functions.

B. Project participants

Xiaoyan Hong (PI)
Fei Hu (Co-PI)
Yang Xiao (Co-PI)
Jingcheng Gao (Graduate student)
Anil Garimidi (Graduate student)
Dawei Li (Graduate student)
Dong Zhang (Graduate student)
Sneha Rao (Graduate student)
Fnu Shalini (Graduate student)

C. Publications (individual and organizational)

A paper about our security tests is submitted to CCNC 2010.

D. Outreach activities

We offered a graduate seminar course on EMULAB and ProtoGENI. We also provided a course project in an upper level networking class.

E. Collaborations

We participated in all conference-calls since January 2010.

We held a telecon with OnTimeMeasure team to discuss the potential usage of the tools in our experiments.

F. Other Contributions

Last modified 11 years ago Last modified on 07/10/10 14:49:53