Browse > Article
http://dx.doi.org/10.13089/JKIISC.2013.23.6.1169

Research on the Trend of Utilizing Emulab as Cyber Security Research Framework  

Lee, Man-Hee (Hannam University)
Seok, Woo-Jin (KISTI)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.23, no.6, 2013 , pp. 1169-1180 More about this Journal
Abstract
Emulab is a research framework developed by Utah university, proving on-demend research environment service so that researchers can set up and use the environment at anytime. The main advantage of Emulab over other research methodologies like simulation or virtualization is to use real systems and networks using real operating systems, making the research environment much similar to the real world. Even though Emulab has been actively used in many areas such as security and network, there has been little use in Korea research community. As KISTI recently constructed a small Emulab, it is expected that many researchers and educators would make use of the Emulab. In this study, we introduce Emulab to Korea research community and give an overview of utilization trend of Emulab as a cyber security research framework.
Keywords
Cyber security; Emulab; Research framework;
Citations & Related Records
연도 인용수 순위
  • Reference
1 J. Li, D. Lim, and K. Sollins, "Dependency -based distributed intrusion detection," DETER Community Workshop on Cyber Security Experimentation and Test, Aug. 2007.
2 C. Neuman, D. Dayama, and A. Viswanathan, "Emulating an embedded firewall," deter community workshop on Cyber Security Experimentation and Test, Aug. 2007.
3 N. Weaver and V. Paxon, "Stress-testing a gbps intrusion prevention device on deter," DETER Community Workshop on Cyber Security Experimentation and Test, Jun. 2006.
4 P. Peterson and P. Reiher, "Security exercises for the online classroom with deter," Proceedings of the 3rd international conference on Cyber security experimentation and test (CSET'10), Aug. 2010.
5 Slowloris, http://en.wikipedia.org/wiki/Slowloris
6 Slowloris HTTP DoS, http://ha.ckers.org/slowloris
7 L. Li, S. Jiwasurat, I. Hamadeh, G. Kesidis, C. Neumann, and P. Liu, "Emulating sequential scanning worms on the deter testbed," Proceedings of IEEE/Create-Net TridentCom, Jun. 2006.
8 KISTI Emulab; Network Emulation Testbed Home, http://www.emulab.kreonet.net/
9 J. Mirkovic, M. Robinson, P. Reiher, and G. Oikonomou, "Distributed defense against ddos attacks," Technical Report CIS-TR-2005-02, University of Delaware CIS Department, 2005.
10 H. Hazeyama, M. Suzuki, S. Miwa, D. Miyamoto, and Y. Kadobayashi, "Outfitting an inter-as topology to a network emulation testbed for realistic performance tests of ddos countermeasures," Proceedings of the Conference on Cyber Security Experimentation and Test, Jul. 2008.
11 L. Li, P. Liu, Y. Jhi, and G. Kesidis, "Evaluation of collaborative worm containments on deter testbed," DETER Community Workshop on Cyber Security Experimentation and Test, Aug. 2007.
12 C. Ko, A. Hussain, S. Schwab, R. Thomas, and B. Wilson, "Towards systemic ids evaluataion," DETER Community Workshop on Cyber Security Experimentation and Test, Jun. 2006.
13 Utah Emulab; Network Emulation Testbed Home, http://www.emulab.net/
14 S. Floyd and V. Paxson, "Difficulties in simulating the internet," IEEE/ACM Transactions on Networking (TON), vol. 9, no. 4, pp. 392-403, Aug. 2001.   DOI   ScienceOn
15 X. Chen, J. Andersen, Z. Mao, M. Bailey, J. Nazario, and F. Jahanian, "Towards an understanding of anti-virtualization and anti -debugging behavior in modern malware," Proceedings of the 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'08), pp. 177-186, Jun. 2008.
16 B. White, J. Lepreau, L. Stoller, R. Ricci, S. Guruprasad, M. Newbold, M. Hibler, C. Barb, and A. Joglekar, "An integrated experimental environment for distributed Systems and Networks," Operating systems design and implementation 2002, pp. 255-270, Oct. 2002.
17 DETER Network Security Testbed, http://www.isi.deterlab.net/
18 Y. Chen, K. Hwang, and W. Ku, "Collaborative detection of ddos attacks over multiple network domains," IEEE Transactions on Parallel and Distributed Systems, vol. 18, no. 12, pp. 1649-1662, Dec. 2007.   DOI   ScienceOn
19 M. Natu and J. Mirkovic, "Fine-grained capabilities for flooding ddos defense using client reputations," Proceedings of the 2007 Workshop on Large Scale Attack Defense, LSAD '07, pp. 105-112, 2007.
20 M. Beaumont-Gay, "A comparison of syn flood detection algorithms," Proceedings of the Second International Conference on Internet Monitoring and Protection (ICIMP), pp. 9, Jul. 2007.
21 J. Mirkovic, S. Fahmy, P. Reiher, and R. Thomas, "How to test dos defenses," Cybersecurity Applications and Technology Conference For Homeland Security, pp. 103-117, Mar. 2009.
22 J. Mirkovic, E. Arikan, S. Wei, S. Fahmy, R. Thomas, and P. Reiher, "Benchmarks for ddos defense evaluation," DETER Community Workshop on Cyber Security Experimentation and Test, Jun. 2006.
23 J. Mirkovic, B. Wilson, A. Hussain, S. Fahmy, P. Reiher, R. Thomas, and S. Schwab, "Automating ddos experimentation," DETER Community Workshop on Cyber Security Experimentation and Test, Aug. 2007.
24 J. Mirkovic, S. Fahmy, P. Reiher, R. Thomas, A. Hussain, S. Schwab, and C. Ko, "Measuring impact of dos attacks," DETER Community Workshop on Cyber Security Experimentation and Test, Jun. 2006.
25 R. Chertov, S. Fahmy, and N. Shroff, "High fidelity denial of service(dos) experimentation," DETER Community Workshop on Cyber Security Experimentation and Test, Jun. 2006.
26 A. Hussain, S. Schwab, R. Thomas, S. Fahmy, and J. Mirkovic, "Ddos experiment methodology," DETER Community Workshop on Cyber Security Experimentation and Test, Jun. 2006.
27 C. Neuman, C. Shah, and K. Lahey, "Running live self-propagating malware on the deter testbed," DETER Community Workshop on Cyber Security Experimentation and Test, Jun. 2006.
28 S. Hanna and D. Nicol, "Implementation and instrumentation of a flash-worm," DETER Community Workshop on Cyber Security Experimentation and Test, Jun. 2006.
29 M. Vasek and T. Moore, "Do malware reports expedite cleanup? an experimental study," 5th USENIX Workshop on Cyber Security Experimentation and Test (CSET), Jun. 2012.
30 S. Cheetancheri, J. Agosta, D. Dash, K. Levitt, J. Rowe, and E. Schooler, "A distributed host-based worm detection system," Proceedings of the 2006 SIGCOMM Workshop on Large-Scale Attack Defense (LSAD), pp. 107-113, Sep. 2006.
31 N. Weaver and S. Staniford, "Very fast containment of scanning worms, Revisited," Malware Detection, Springer Verlag, Vol. 27, pp. 113-145, 2007.   DOI
32 L. Briesemeister and P. Porras, "Formally specifying design goals of worm defense strategies," DETER Community Workshop on Cyber Security Experimentation and Test, Arlington, Virginia, Jun. 2006.
33 S. Cheetancheri, D. Ma, K. Levitt, and T. Heberlein, "Towards a framework for worm-defense evaluation," Proceedings of the 25th IEEE International Performance, Computing, and Communications Conference (IPCCC), pp. 559-565, Apr. 2006.
34 P. Barford and M. Blodgett, "Toward botnet mesocosms," Proceedings of First Workshop on Hot Topics in Understanding Botnet, USENIX Association, Apr. 2007.
35 K. Butler, T. Farley, P. McDaniel, and J. Rexfod, "A survey of bgp security issues and solutions," Technical Report TD-5UGJ33, ATandT Labs - Research, Feb. 2004.
36 S. Tseng, S. Wu, K. Ma, C. Chuah, S. Teoh, K. Zhang, and X. Zhao, "Elisha: a visual and interactive tool for bgp anomaly detection and analysis," DETER Community Workshop on Cyber Security Experimentation and Test, Jun. 2006.
37 K. Butler and P. McDaniel, "Testing large scale bgp security in replayable network environments," DETER Community Workshop on Cyber Security Experimentation and Test, Jun. 2006.