This work was supported by the TRUST Center (NSF award number CCF-0424422) Introduction Since public utilities must rely on the internet, they are vulnerable.

Slides:



Advertisements
Similar presentations
1 Computational Asset Description for Cyber Experiment Support using OWL Telcordia Contact: Marian Nodine Telcordia Technologies Applied Research
Advertisements

Introduction to IRRIIS testing platform IRRIIS MIT Conference ROME 8 February 2007 Claudio Balducelli.
This work was supported by the TRUST Center (NSF award number CCF ) 1. Setting up experiment on DETER testbed a)Created twelve pc backbone nodes.
1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
Chapter 14 Network Design and Implementation. 2 Network Analysis and Design Aspects of network analysis and design Understanding the requirements for.
SDN and Openflow.
A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.
1 Experiments and Tools for DDoS Attacks Roman Chertov, Sonia Fahmy, Rupak Sanjel, Ness Shroff Center for Education and Research in Information Assurance.
Wireless Sensor Network for Tracking the Traffic in INTERNET Network Routers Part 2 Supervisor:Mark Shifrin Students:Yuri Kipnis Nir Bar-Or Date:30 September.
1 Sonia Fahmy Ness Shroff Students: Roman Chertov Rupak Sanjel Center for Education and Research in Information Assurance and Security (CERIAS) Purdue.
What is adaptive web technology?  There is an increasingly large demand for software systems which are able to operate effectively in dynamic environments.
ANDROID PROGRAMMING MODULE 1 – GETTING STARTED
Annarita Giani, UC Berkeley Bruno Sinopoli & Aakash Shah, Carnegie Mellon University Gabor Karsai & Jon Wiley, Vanderbilt University TRUST 2008 Autumn.
General Engineering Technology (Electro-mechanical) Fasten your seatbelts! You are about to enter the GET Zone!
Scalable Server Load Balancing Inside Data Centers Dana Butnariu Princeton University Computer Science Department July – September 2010 Joint work with.
Jordan University of Science and Technology
Basic Concepts of Computer Networks
This work was supported by the TRUST Center (NSF award number CCF ) Emulation of Abilene Network using DETER John Mela 1, Blaine Nelson 2, Saurabh.
Research on cloud computing application in the peer-to-peer based video-on-demand systems Speaker : 吳靖緯 MA0G rd International Workshop.
Intranet, Extranet, Firewall. Intranet and Extranet.
Introduction to HP LoadRunner Getting Familiar with LoadRunner >>>>>>>>>>>>>>>>>>>>>>
TRUST, Autumn 2010 Conference, November 10-11, 2010 Simulation of Network Attacks on SCADA Systems Rohan Chabukswar, Bruno Sinopoli, Gabor Karsai, Annarita.
Distributed Real-Time Systems for the Intelligent Power Grid Prof. Vincenzo Liberatore.
REAL-TIME SOFTWARE SYSTEMS DEVELOPMENT Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.
1 Validation & Verification Chapter VALIDATION & VERIFICATION Very Difficult Very Important Conceptually distinct, but performed simultaneously.
1 CS 456 Software Engineering. 2 Contents 3 Chapter 1: Introduction.
This work was supported by the TRUST Center (NSF award number CCF ) Background Assurance of system stability is of paramount importance in every.
Firewall and Internet Access Mechanism that control (1)Internet access, (2)Handle the problem of screening a particular network or an organization from.
Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.
HoneyD (Part 2) Small Business NIDS This presentation demonstrates the ability for Small Businesses to emulate virtual operating systems and conduct.
Michael Ernst, page 1 Collaborative Learning for Security and Repair in Application Communities Performers: MIT and Determina Michael Ernst MIT Computer.
Network Coding Testbed Jeremy Bergan, Ben Green, Alex Lee.
Honeypot and Intrusion Detection System
A Virtual Honeypot Framework Author: Niels Provos Published in: CITI Report 03-1 Presenter: Tao Li.
Resisting Denial-of-Service Attacks Using Overlay Networks Ju Wang Advisor: Andrew A. Chien Department of Computer Science and Engineering, University.
Bridging the Gap: Turning a Network Simulation into an Emulation Mac Newbold.
Section 4.2 AQA Computing A2 © Nelson Thornes 2009 Types of Operating System Unit 3 Section 4.1.
REAL-TIME SOFTWARE SYSTEMS DEVELOPMENT Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.
Zibin Zheng DR 2 : Dynamic Request Routing for Tolerating Latency Variability in Cloud Applications CLOUD 2013 Jieming Zhu, Zibin.
NETWORKING COMPONENTS Buddy Steele Assignment 3, Part 1 CECS-5460: Summer 2014.
Code : STM#370 Samsung Electronics Co., Ltd. OfficeServ Call Simulator Distribution EnglishED01.
What Can Go Wrong During a Pen-test? Effectively Engaging and Managing a Pen-test.
SECURING SELF-VIRTUALIZING ETHERNET DEVICES IGOR SMOLYAR, MULI BEN-YEHUDA, AND DAN TSAFRIR PRESENTED BY LUREN WANG.
Network design Topic 6 Testing and documentation.
ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.
Security Vulnerabilities in A Virtual Environment
Grid Defense Against Malicious Cascading Failure Paulo Shakarian, Hansheng Lei Dept. Electrical Engineering and Computer Science, Network Science Center,
Computer Simulation of Networks ECE/CSC 777: Telecommunications Network Design Fall, 2013, Rudra Dutta.
Lecture 4 Mechanisms & Kernel for NOSs. Mechanisms for Network Operating Systems  Network operating systems provide three basic mechanisms that support.
Quality of Service Schemes for IEEE Wireless LANs-An Evaluation 主講人 : 黃政偉.
HardSSH Cryptographic Hardware Key Team May07-20: Steven Schulteis (Cpr E) Joseph Sloan (EE, Cpr E, Com S) Michael Ekstrand (Cpr E) Taylor Schreck (Cpr.
Use Network Simulator (NS) to setup test topologies on DETER testbed. Run experiments varying the gain and stability to determine control signal effectiveness.
Introduction to Performance Testing Performance testing is the process of determining the speed or effectiveness of a computer, network, software program.
Regan Little. Definition Methods of Screening Types of Firewall Network-Level Firewalls Circuit-Level Firewalls Application-Level Firewalls Stateful Multi-Level.
Integrated Simulation and Emulation Platform for Cyber-Physical System Security Experimentation Wei Yan, Yuan Xue, Xiaowei Li, Jiannian Weng, Timothy Busch,
HOW TO BUILD A BETTER TESTBED Fabien Hermenier Robert Ricci LESSONS FROM A DECADE OF NETWORK EXPERIMENTS ON EMULAB TridentCom ’
Resource Optimization for Publisher/Subscriber-based Avionics Systems Institute for Software Integrated Systems Vanderbilt University Nashville, Tennessee.
Towards an integrated multimedia service hosting overlay Dongyan Xu Xuxian Jiang Proceedings of the 12th annual ACM international conference on Multimedia.
Interaction and Animation on Geolocalization Based Network Topology by Engin Arslan.
CONNECTING TO THE INTERNET
How SCADA Systems Work?.
An example of a pilot project as part of USP course:
TRUST:Team for Research in Ubiquitous Secure Technologies
Using An Isolated Network to Teach Advanced Networks and Security
Resources and Schedule
Performance Evaluation of Computer Networks
Comparison to existing state of security experimentation
Performance Evaluation of Computer Networks
Cyber Security of SCADA Systems Remote Terminal Units (RTU)
ONAP Architecture Principle Review
Presentation transcript:

This work was supported by the TRUST Center (NSF award number CCF ) Introduction Since public utilities must rely on the internet, they are vulnerable to cyber attacks. We test mitigation of network control system attacks by using the DETER testbed, which simulates & emulates vulnerabilities. We create a network topology, put plants & controllers on endpoints, attack them, and defend them by changing plant behavior. We examine developing, deploying, and modifying the plant & controller software, which is a major challenge of the project. Project Goals Plant Behavior plants are physical systems designed to facilitate automation [1]. computers that behave like networked plants will: a.hold a state.: e.g., temperature or electrical load. b.update state at regular times. c.send updated state to its controller. Plants update state through one of two ways: 1.scheduled orders from controllers. 2.regular time intervals. d.be influenced by external input from its controller. e.update state when its controller requests it. Controller Behavior A controller is a mechanism that regulates plants. Computers that behave like networked controllers will: a.Always accept updated plant states. b.Find plant future state from the plants updated state. c.Use the future state to calculate a control value. d.Send the control value to the plant as plant input. Methods To create credible experiments, we take these steps, in this order: 1.Model the Abilene topology on DETER. 2.Add nodes to the endpoints to be plants & controllers. 3.Install plant & controller software on selected nodes. 4.Make plants & controllers look for initial values at startup, to facilitate testing various network control system behaviors. 5.Make the plant handshake with its controller. 6.Start normal plant & controller behavior. 7.Allow multiple plants to connect to one controller simultaneously 8.If the state is too large, have the plant quit. Implementation of Methods Simulation We simulate a system by imitating its functions [2]. We started by finding and using simulated plant & control software. Simulated software runs on one node. It simulates one controller & several plants. Generated traffic is logged by ns-2, a simulation platform. Goal : make a plant connect to a controller on another DETER node Problem : After installation, the plant & controller simulation runs correctly, but cannot communicate outside of ns-2. Solution : Emulate the plant & controller software. Emulation We emulate by mixing real components with simulated components [3]. Emulated Plant and Controller We test emulating plants & controllers by porting the simulation software to python [3], which is on all the nodes. The result: an emulated version that fulfills the methods criteria. Bonus: the emulation exceeds experimentation requirements by being easy to customize and having real network traffic communication. Result : tests on network control systems could begin. Improved Emulated Plant and Controller We find software customization speeds up research significantly We add a way to run lists of custom plants for specific durations. We improve logging for easier data filtering. These improvements also allow researching plant behavioral aspects. Conclusions Over the course of this research, we find that it is possible to create a simulation and an emulation of a network control system on DETER. We also find that the software is customizable to facilitate speedy and proper experimentation. As a result of using emulation, we are able to conduct a larger variety of experiments faster. Future Work The network control system can be improved. Below are recommendations 1.Compare the simulation software’s behavior, which is proven to be like a scalar plant & controller, to the emulated plant & controller 2.Find a way to integrate the simulation software to the emulated. 3.Integrate the emulated plant & controller with a DETER OS image 4.Find more plant software and add it for alternative experiments References [1] Liberatore, V. (2002, December 9). Network control Systems. Cleveland, Ohio, United States. [2] Merriam-Webster. (n.d.). simulation definition. Retrieved July 28, 2010, from [3] Shashi Guruprasad, R. R. (n.d.). Integrated Network Experimentation using Simulation and Emulation. Logan, Utah, United States. [4] Zappala, D. a. (n.d.). Python Network Programming. Provo, Utah, United States Simulating and Emulating network control systems on DETER Darrel Brower – Humboldt State University Graduate mentors: Saurabh Amin, Blaine Nelson, Suzanna Schmeelk Figure 1. A schematic of a network control system [1] Fig 2. Plant and controller software emulated on DETER using Python [1] Figure 3. emulation improvements. Shown here is the ability to run plants for limited time intervals before changing plant settings and restarting [1]

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.