CSET '10 PROGRAM ABSTRACTS

UPBOT: A Testbed for Cyber-Physical Systems
Back to Program
Developing software for cyber-physical systems presents a unique challenge. These systems are not simply software; they are composed of software running on a collection of machines that present a risk to human safety if anything goes wrong. Researchers want to create languages and tools that aid in the development of secure and fault-tolerant software, but they cannot simply "try out" their ideas on a fighter jet. This paper describes our modest UPBOT testbed. Pronounced yoo-pee-bät, it has three features that aptly comprise a cyber-physical system: networked control, enforceable physical properties, and off-the-shelf components. We offer that UPBOT can be used to effectively test security threats and defenses against cyber-physical systems; it presents multiple points of attack on a programmable, component-based system whose on-board intelligence may maintain safety-critical properties despite malicious attack. Given its low cost and low barrier to entry it may be especially useful to: i) undergraduates interested in learning about the domain; ii) researchers who lack access to oft-unavailable real systems but want to evaluate their solutions for cyber-physical systems.

Trusted Disk Loading in the Emulab Network Testbed
Back to Program
Network testbeds like Emulab allocate physical computers to users for the duration of an experiment. During an experiment, a user has nearly unfettered access to the devices under his or her control. Thus, at the end of an experiment, an allocated computer can be in an arbitrary state. A testbed must reclaim devices and ensure they are properly configured for future experiments. This is particularly important for security-related experiments: for example, a testbed must ensure that malware cannot persist on a device from one experiment to another. This paper presents the prototype trusted disk-loading system (TDLS) that we have implemented for Emulab. When Emulab allocates a PC to an experiment, the TDLS ensures that if experiment set-up succeeds, the PC is configured to boot the operating system specified by the user. The TDLS uses the Trusted Platform Module (TPM) of an allocated PC to securely communicate with Emulab's control infrastructure and attest about the PC's configuration. The TDLS prevents state from surviving from one experiment to another, and it prevents devices in the testbed from impersonating one another. The TDLS addresses the challenges of providing a scalable and flexible service, which allows large testbeds to support a wide range of systems research. We describe these challenges, detail our TDLS for Emulab, and present the lessons we have learned from its construction.

Isolated Virtualised Clusters: Testbeds for High-Risk Security Experimentation and Training
Back to Program
Adequate testbeds for conducting security experiments and test under controlled, safe, repeatable and as-realistic-as-possible conditions, are a key element for the research and development of adequate security solutions and the training of security personnel and researchers. In this paper, we report on the construction and operations of isolated virtualised testbeds used in two separate security research labs in Canada and France, as part of a joint collaborative effort. The main idea was to use mid- to large-scale isolated computing clusters to obtain high levels of scale, manageability and safety by heavily leveraging virtualisation technology, open-source cluster management tools and a network architecture separating experiment and control traffic. Both facilities have been used for conducting different types of security research experiments, including in-lab reconstructions of botnets, denial-of-service attacks, and virus detection experimentation. They have also been used for teaching and training students in experimental security methods. We describe these facilities and the criteria that we used to design them, the research and training activities that were conducted, and close by discussing the lessons learned and the pros and cons of this approach.

Experiences with Practice-Focused Undergraduate Security Education
Back to Program
The combination of competitive security exercises and hands-on learning represents a powerful approach for teaching information system security. Although creating and maintaining such a course can be difficult, the benefits to learning are worthwhile. Our undergraduate Information Assurance course is practice-focused and makes substantial use of competitive exercises, such as the National Security Agency Cyber Defense Exercise, to promote learning. We recount experiences and lessons learned from creating and conducting this course.

The Blunderdome: An Offensive Exercise for Building Network, Systems, and Web Security Awareness
Back to Program
In spite of the controversy surrounding the practice of using offensive computer security exercises in information assurance curricula, it holds significant educational value. An exercise and architecture for an asymmetric (offense-only) security project, nicknamed "Blunderdome", has been deployed twice at the University of Tulsa: once to graduate students in a security engineering course, and once to high school students as part of a research internship program. This paper discusses the framework, the project, its educational value, and lessons learned for future deployments. Coverage is also given briefly to a summary of our position on the role of offensive exercises in security education.

Security Exercises for the Online Classroom with DETER
Back to Program
Creating high-quality homework with an emphasis on creativity and open-ended learning is challenging. This is especially true for online classes, which must be both accessible via the Internet and comparable in quality and value to projects that could be used in a traditional classroom. UCLA recently began offering an online master's degree program in computer science, which includes a course in computer security. This motivated the design of online coursework intended to take the place of the traditional in-class homework and group projects. The resulting security labs use standard security tools and the DETER testbed, which can be organized into networks of physical machines running real software. In these environments, students perform open-ended exercises involving file permissions, firewalls, software vulnerabilities, eavesdropping and injection, man-in-the-middle attacks, computer forensics, and network intrusion detection systems. We also created an extensive online lab manual to accompany the exercises. With some important technical caveats, DETER proved to be an excellent platform for online education, and the labs themselves have been a great success since they were introduced in 2008.

Webseclab Security Education Workbench
Back to Program
We have developed and tested a virtual-machine-based web-application security student laboratory, Webseclab, comprising a LAMP (Linux, Apache, MySQL, PHP) stack, a variety of development tools, and the three most popular browsers for the Linux platform. This environment, tested in weekly participatory labs and weekly homework, hosts a teaching framework, exercise sets and labs, and a sandboxed student development environment. Eighty incremental exercises based on recent security research, and challenge projects, including one based on real open-source applications, teach the major web application vulnerabilities and defenses, in an encapsulated environment that allows students to experiment freely without interfering with each other or with public networks. In contrast to problems experienced with hands-on projects used in previous years, student response to this platform and its contained exercises has been remarkably positive.