Research on Virtual Network Lab
Cyber security experiments with potentially malicious software can possibly damage the testbed environment and "escape" into the Internet. Due to this security concern, networks used in such experiments are often totally isolated from production networks and the Internet. This choice, however, precludes remote access to testbeds used for security experiments, thus requiring costly duplication of equipment, manpower and expertise at sites that experiment with malicious software. We have therefore developed an alternative approach that is aimed at providing a degree of safety comparable to that of physically isolated testbeds while still permitting remote connectivity. Our approach relies on logical isolation of networks used in different security experiments using network virtualization at the datalink layer.
Our ongoing research is concerned with making this platform easily manageable. We are also very interested in efficient resource management techniques that can effectively utilize testbed resources, while supporting a wide range of users with dynamically changing requirements.
Related Publications
- [1] V-NetLab: An Approach for Realizing Logically Isolated Networks for Security Experiments
- , , and
Workshop on Cyber Security Experimentation and Test (in conjunction with USENIX Security) (CSET) July, 2008. - [2] V-NetLab: A Cost-Effective Platform to Support Course Projects in Computer Security
- , , , and
Annual Colloquium for Information Systems Security Education (CISSE) June, 2005.