Shadow: Scalable and Deterministic Network Experimentation

Slides:

Advertisements

Similar presentations

Presented by Dealing with the Scale Problem Innovative Computing Laboratory MPI Team.

Advertisements

Jennifer Rexford Princeton University MW 11:00am-12:20pm Network Virtualization COS 597E: Software Defined Networking.

Dr. Kalpakis CMSC 621, Advanced Operating Systems. Fall 2003 URL: Distributed System Architectures.

CS 443 Advanced OS Fabián E. Bustamante, Spring 2005 Resource Containers: A new Facility for Resource Management in Server Systems G. Banga, P. Druschel,

The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network Rob Jansen et. al NDSS 2014 Presenter: Yue Li Part of slides adapted from R.

Keith Wiles DPACC vNF Overview and Proposed methods Keith Wiles – v0.5.

Chapter 13 Embedded Systems

Figure 1.1 Interaction between applications and the operating system.

Copyright Arshi Khan1 System Programming Instructor Arshi Khan.

Replay Debugging for Distributed Systems Dennis Geels, Gautam Altekar, Ion Stoica, Scott Shenker.

Toward Understanding Congestion in Tor DC-area Anonymity, Privacy, and Security Seminar January 24 th, 2014 Rob Jansen U.S. Naval Research Laboratory *Joint.

Measuring zSeries System Performance Dr. Chu J. Jong School of Information Technology Illinois State University 06/11/2012 Sponsored in part by Deer &

Christopher Bednarz Justin Jones Prof. Xiang ECE 4986 Fall Department of Electrical and Computer Engineering University.

Dynamic Network Emulation Security Analysis for Application Layer Protocols.

Institute of Computer and Communication Network Engineering OFC/NFOEC, 6-10 March 2011, Los Angeles, CA Lessons Learned From Implementing a Path Computation.

LiNK: An Operating System Architecture for Network Processors Steve Muir, Jonathan Smith Princeton University, University of Pennsylvania

Shadow: Simple HPC for Systems Security Research Invited Talk Kansas State University September 25 th, 2013 Rob Jansen U.S. Naval Research Laboratory

Principles of Scalable HPC System Design March 6, 2012 Sue Kelly Sandia National Laboratories Abstract: Sandia National.

High Performance Computing & Communication Research Laboratory 12/11/1997 [1] Hyok Kim Performance Analysis of TCP/IP Data.

1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

© 2010 IBM Corporation Plugging the Hypervisor Abstraction Leaks Caused by Virtual Networking Alex Landau, David Hadas, Muli Ben-Yehuda IBM Research –

Never Been KIST: Tor’s Congestion Management Blossoms with Kernel- Informed Socket Transport 23 rd USENIX Security Symposium August 20 th 2014 Rob JansenUS.

1.4 Open source implement. Open source implement Open vs. Closed Software Architecture in Linux Systems Linux Kernel Clients and Daemon Servers Interface.

Windows 2000 Course Summary Computing Department, Lancaster University, UK.

Computing Infrastructure for Large Ecommerce Systems -- based on material written by Jacob Lindeman.

Issues Autonomic operation (fault tolerance) Minimize interference to applications Hardware support for new operating systems Resource management (global.

Udt.sourceforge.net 1 :: 23 Supporting Configurable Congestion Control in Data Transport Services Yunhong Gu and Robert L. Grossman Laboratory for Advanced.

An Architecture and Prototype Implementation for TCP/IP Hardware Support Mirko Benz Dresden University of Technology, Germany TERENA 2001.

Simics: A Full System Simulation Platform Synopsis by Jen Miller 19 March 2004.

1 Wide Area Network Emulation on the Millennium Bhaskaran Raman Yan Chen Weidong Cui Randy Katz {bhaskar, yanchen, wdc, Millennium.

Full and Para Virtualization

An Efficient Gigabit Ethernet Switch Model for Large-Scale Simulation Dong (Kevin) Jin.

How Low Can You Go: Balancing Performance with Anonymity in Tor’ DC-Area Anonymity,Privacy, and Security Seminar May 10 th, 2013 Rob Jansen U.S. Naval.

Shadow: Scalable Simulation for Systems Security Research CrySP Speaker Series on Privacy University of Waterloo January 20 th, 2016 Rob Jansen U.S. Naval.

1 Scalability and Accuracy in a Large-Scale Network Emulator Nov. 12, 2003 Byung-Gon Chun.

Network Processing Systems Design

Virtualization Neependra Khare

Lecture 5. Example for periority The average waiting time : = 41/5= 8.2.

CMPS Operating Systems Prof. Scott Brandt Computer Science Department University of California, Santa Cruz.

The Docker Container Approach to Build Scalable and Performance Testing Environment Pankaj Rodge, VMware.

INTRODUCTION TO WIRELESS SENSOR NETWORKS

Aaron Johnson Rob Jansen Aaron D. Jaggard Joan Feigenbaum

Introduction to threads

SDN challenges Deployment challenges

Virtual Machine Monitors

Current Generation Hypervisor Type 1 Type 2.

Introduction to Distributed Platforms

The Mach System Sri Ramkrishna.

Shadow: Real Applications, Simulated Networks

Structural Simulation Toolkit / Gem5 Integration

Rob Jansen and Nick Hopper University of Minnesota

Performance Enhancements for Tor

Programmable HPC Network Fabrics for Adaptive Computing

Software Defined Networking (SDN)

A Grid-wide, High-fidelity Electrical Substation Honeynet

Collaborative Offloading for Distributed Mobile-Cloud Apps

Inside Job: Applying Traffic Analysis to Measure Tor from Within

Dimitri Papadimitriou (ALB)

Software Defined Networking (SDN)

Active Networking at Washington Univ.

Development & Evaluation of Network Test-beds

Privacy-Preserving Dynamic Learning of Tor Network Traffic

V. Arun College of Information and Computer Sciences

Multithreaded Programming

Prof. Leonardo Mostarda University of Camerino

Operating System Introduction.

Comparison to existing state of security experimentation

An XML-based System Architecture for IXA/IA Intercommunication

CSC Multiprocessor Programming, Spring, 2011

Rob Jansen, U.S. Naval Research Laboratory

Presentation transcript:

Shadow: Scalable and Deterministic Network Experimentation Cybersecurity Experimentation of the Future Community Engagement Event Marina Del Rey, CA May 15th, 2018 Dr. Rob Jansen U.S. Naval Research Laboratory Center for High Assurance Computer Systems

The Science of Cybersecurity The most important property of experiments: Experimental control – isolate important factors Easily achievable with deterministic experimentation Determinism yields repeatable / reproducible experiments Requirements for large distributed systems (e.g., Tor) Realistic – execute system software (not an abstraction) Scalable – can run studied system at scale Shadow Network simulator with above design goals U.S. Naval Research Laboratory

Tor Experimentation

Estimated ~2 M. Users/Day (metrics.torproject.org) Tor Overview Tor: a censorship resistant, privacy-enhancing anonymous communication system ~6500 Relays, 100 Gbit/s Estimated ~2 M. Users/Day (metrics.torproject.org) U.S. Naval Research Laboratory

Onion Routing U.S. Naval Research Laboratory

Tor Experimentation Options Approach Notes Live Network Target environment, most “realistic” Lengthy deployment, security risks Testbed Target OS, uses Internet protocols Requires significant hardware investment Emulation Large VM overhead Simulation Deterministic, scalable, decoupled from real time Abstractions reduce realism More Realistic, Costly More Control, Scalable U.S. Naval Research Laboratory

Simulation vs. Emulation: Realism Abstracts away most system components Runs the real OS, kernel, protocols, applications Simulator is generally only internally consistent Software is interoperable with external components Less resource intensive More resource intensive U.S. Naval Research Laboratory

Simulation vs. Emulation: Time “As-fast-as-possible” Real time Control over clock, can pause time without issue Time must advance in synchrony with wall-clock Weak hardware extends total experiment runtime Weak hardware causes glitches that are difficult to detect and diagnose U.S. Naval Research Laboratory

Shadow Design

What is Shadow? Deterministic, parallel discrete-event network simulator Directly executes apps as plug-ins (e.g., Tor, Bitcoin) Models routing, latency, bandwidth Simulates time, CPU, OS TCP/UDP, sockets, queuing, threading Emulates POSIX C API on Linux U.S. Naval Research Laboratory

How does Shadow Work? Shadow - OS emulation and network simulation App OS Kernel TCP IP Internet App OS Kernel TCP IP App OS Kernel TCP IP U.S. Naval Research Laboratory

App Memory Management Apps loaded in independent namespaces, “copy-on-write” Namespace 1 Namespace 2 Namespace 3 Library Code (read-only) Library Data 1 Library Data 2 Library Data 3 Plug-in Code (read-only) Plug-in Data 1 Plug-in Data 2 Plug-in Data 3 U.S. Naval Research Laboratory

Direct Execution in a Simulator Namespace 1 Namespace 2 Namespace 3 libc libc libc Shadow – Simulated Linux Kernel Libraries and Network Transport Function Interposition Function Interposition Function Interposition libc API (send, write, etc.) libc API (send, write, etc.) libc API (send, write, etc.) Application Application Application U.S. Naval Research Laboratory

Shadow Uses Cases Tor Network and memory attacks in Bitcoin Latency and throughput correlation attacks Denial of Service attacks (sockets, RAM, bandwidth) Changes to path selection algorithms Traffic admission control algorithms Traffic scheduling and prioritization algorithms Network load balancing algorithms Process RAM consumption and optimization Network and memory attacks in Bitcoin Distributed secure multiparty computation algorithms Software debugging U.S. Naval Research Laboratory

Questions Dr. Rob Jansen Center for High Assurance Computer Systems U.S. Naval Research Laboratory rob.g.jansen@nrl.navy.mil robgjansen.com, @robgjansen The Shadow Simulator shadow.github.io github.com/shadow