Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Challenges of Repeatable Experiment Archiving – Lessons from DETER Stephen Schwab SPARTA, Inc. d.b.a. Cobham Analytic Solutions May 25, 2010.

Published byAriel Atkins Modified over 9 years ago

Similar presentations

Presentation on theme: "The Challenges of Repeatable Experiment Archiving – Lessons from DETER Stephen Schwab SPARTA, Inc. d.b.a. Cobham Analytic Solutions May 25, 2010."— Presentation transcript:

1 The Challenges of Repeatable Experiment Archiving – Lessons from DETER Stephen Schwab SPARTA, Inc. d.b.a. Cobham Analytic Solutions May 25, 2010

2 Overview of DETER DETER Highlights - 3 distributed clusters, ~500 nodes - Combination of DETER developed software and legacy Emulab DETER Capabilities - Federation - Security Experimentation Environment (SEER) - Templates Federator DRAGON WAIL DETER Plug-ins to configure federants Internet Emulab GMPLS SEER CEDL USERS Credentials EmulabGMPLS Provisioned Connectivity

3 DDoS Experiment on DETER (circa 2005) Background Traffic: REPLAY | NTCG | HARPOON HIGH FIDELITY TRAFFIC Topology: BUILDING-BLOCKS | JUNIPER ROUTER CORE REALISTIC CONNECTIVITY AND SCALE-DOWN Attack Traffic: DETER-INTEGRATED ATTACK SCRIPTING AUTOMATION OF VARIETY OF SCENARIOS UNDER STUDY Instrumentation: PACKET AND HOST STATISTICS CAPTURE | SPECTRAL ANALYSIS | METRICS CALCULATION | INTEGRATED VISUALIZATION SEER: TOOLBOX FOR RIGOROUS INVESTIGATION OF RESULTS CORE AS-11357 ATTACK TRAFFIC BACKGROUND TRAFFIC

4 Security Experiment Methodology & Tools (circa 2005) Experimenter’s select from a palette of predefined elements: Topology, Background and Attack Traffic, and Data Capture and Instrumentation Our Methodology frames standard, systematic questions that guide an experimenter in selecting and combining the right elements Experiment Automation increases repeatability and efficiency by integrating the process within the DETER testbed environment PALETTESs METHODOLOGY & GUIDANCE EXPERIMENT AUTOMATION TOPOLOGY TRAFFIC ATTACK DATA-CAPTURE ? … but this level of abstraction leads to major drawbacks DETER -- integrated workbench & tools for experimenters…

5 Worm/Botnet Experiment (2009) 831 Virtual Nodes on 63 Physical PCs

6 Experiment Specification Large and Complex Experiments are more suitably constructed by combining abstract elements modeling different aspects (topology, traffic, networking devices, etc.) with constraints on behavior Example of such an experiment on previous slide hand-crafted (e.g. hand-compiled) experiment from abstract elements

7 Initial Approach: Archiving it All Intuition drawn from analogy with physical (discovery) sciences… Record all aspects of experiment to ensure (ideal) reproducibility Software Artifacts being investigated (often the researcher’s new system!) Operating Environment (OS, standard software on clients, servers in experiment scenario, network routers, firewalls, etc.) Experiment & Test Infrastructure (initialization, control, data collection, data reduction, data analysis, data visualization, …) Hardware All end-systems and routers/switches All firmware All chips/chipset variants (Tulip 21140As are not Tulip 21140Es!) Procedures All scripts and manual interactions required to run the experiment … networked systems require large and growing (unbounded) detail to describe precisely… which ideal reproducibility would seem to demand

8 Challenges to Ideal Archiving Separating Invariants from Contingencies An experiment requires certain properties; these are the essence of the experiment But every configuration detail must be specified; these are contingencies – merely choices (perhaps important to record) Repeatability should be primarily defined with respect to explicit invariants Experiment Internals Publications do not capture full details because increasing complexity of software, hardware and networking technologies result in (exponential?) growth in description of these aspects Peer-review process does not provide incentives to capture full details (noted in other position papers) Funding agencies do not provide sufficient funding to do so (how much detail can, will and should be demanded? Where is the limit on returns for dollars invested?) Granularity of Reuse Individual researchers are interested in examining, studying and re-running different elements of any given experiment Experiments that archive everything do not clearly delineate the various pieces

9 Future DETER Capability & Vision DETER is developing the capability to Specify Experiments Declaratively Reason about the software (or hardware) alternatives that may be available to realize each element in a testbed Select implementations that are sufficient to perform the experiment correctly … and ensure detection of fidelity-loss through the use of monitored invariants Resolve global conflicts among local element to implementation mappings DETER vision is to foster Reuse through sharing of tools, technology, results & ideas among researchers … and to promote this vision by providing abstractions, models and elements that are supported by our experiment life-cycle framework and tools Facilitate individuals and researchers focused on specific topics to create their own abstractions, models and elements

Download ppt "The Challenges of Repeatable Experiment Archiving – Lessons from DETER Stephen Schwab SPARTA, Inc. d.b.a. Cobham Analytic Solutions May 25, 2010."

Similar presentations

TIED: A Cluster of One TIED: Trial Integration Environment DETER built on.

TIED: A Cluster of One TIED: Trial Integration Environment DETER built on.
1 Computational Asset Description for Cyber Experiment Support using OWL Telcordia Contact: Marian Nodine Telcordia Technologies Applied Research

1 Computational Asset Description for Cyber Experiment Support using OWL Telcordia Contact: Marian Nodine Telcordia Technologies Applied Research
Module 13: Performance Tuning. Overview Performance tuning methodologies Instance level Database level Application level Overview of tools and techniques.

Module 13: Performance Tuning. Overview Performance tuning methodologies Instance level Database level Application level Overview of tools and techniques.
Module 5 - Switches CCNA 3 version 3.0 Cabrillo College.

Module 5 - Switches CCNA 3 version 3.0 Cabrillo College.
Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.
The Experience Factory May 2004 Leonardo Vaccaro.

The Experience Factory May 2004 Leonardo Vaccaro.
Networking Panel Jeannie Albrecht Williams College, Plush/Gush project Ivan Seskar Rutgers University, WINLAB/ORBIT project Steven Schwab Cobham Analytic.

Networking Panel Jeannie Albrecht Williams College, Plush/Gush project Ivan Seskar Rutgers University, WINLAB/ORBIT project Steven Schwab Cobham Analytic.
Toward Replayable Research in Networking and Systems Eric Eide University of Utah, School of Computing May 25, 2010.

Toward Replayable Research in Networking and Systems Eric Eide University of Utah, School of Computing May 25, 2010.
1 Experiments and Tools for DDoS Attacks Roman Chertov, Sonia Fahmy, Rupak Sanjel, Ness Shroff Center for Education and Research in Information Assurance.

1 Experiments and Tools for DDoS Attacks Roman Chertov, Sonia Fahmy, Rupak Sanjel, Ness Shroff Center for Education and Research in Information Assurance.
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
Ch.6 - Switches CCNA 3 version 3.0.

Ch.6 - Switches CCNA 3 version 3.0.
1 GENI: Global Environment for Network Innovations Jennifer Rexford On behalf of Allison Mankin (NSF)

1 GENI: Global Environment for Network Innovations Jennifer Rexford On behalf of Allison Mankin (NSF)
Integrated Scientific Workflow Management for the Emulab Network Testbed Eric Eide, Leigh Stoller, Tim Stack, Juliana Freire, and Jay Lepreau and Jay Lepreau.

Integrated Scientific Workflow Management for the Emulab Network Testbed Eric Eide, Leigh Stoller, Tim Stack, Juliana Freire, and Jay Lepreau and Jay Lepreau.
Unified Modeling (Part I) Overview of UML & Modeling

Unified Modeling (Part I) Overview of UML & Modeling
© Copyright Eliyahu Brutman Programming Techniques Course.

© Copyright Eliyahu Brutman Programming Techniques Course.
1 Sonia Fahmy Ness Shroff Students: Roman Chertov Rupak Sanjel Center for Education and Research in Information Assurance and Security (CERIAS) Purdue.

1 Sonia Fahmy Ness Shroff Students: Roman Chertov Rupak Sanjel Center for Education and Research in Information Assurance and Security (CERIAS) Purdue.
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
High-Level Assessment Month Year

High-Level Assessment Month Year
Architectural Design Establishing the overall structure of a software system Objectives To introduce architectural design and to discuss its importance.

Architectural Design Establishing the overall structure of a software system Objectives To introduce architectural design and to discuss its importance.
Software Architecture. Agenda Why architect? What is architecture? What does an architect do? What principles guide the process of architecting?

Software Architecture. Agenda " Why architect? " What is architecture? " What does an architect do? " What principles guide the process of architecting?

Similar presentations

Ads by Google