Cybersecurity Experimentation at Program Scale: Guidelines and Principles for Future Testbeds
作者: Stephen Schwab , Erik Kline
DOI: 10.1109/EUROSPW.2019.00017
关键词:
摘要: Cybersecurity Experimentation is often viewed narrowly in terms of a single technology or experiment. This paper reviews the experimentation life-cycle for two large scale research efforts that span multiple technologies. We identify salient aspects each cybersecurity program, and capture guidelines based on eight years experience. Extrapolating, we four principles building future experimental infrastructure: 1) Reduce cognitive burden experimenters when designing operating experiments. 2) Allow to encode their goals constraints. 3) Provide flexibility design. 4) multifaceted guidance help produce high-quality By following these principles, testbeds can enable significantly higherquality
sci-hub.se 参考文章(13)
Chris Wacek, Micah Sherr, Sandy Clark, Boon Thau Loo, Jonathan Smith, Clay Shields, Matt Blaze, Collaborative red teaming for anonymity system evaluation CSET'12 Proceedings of the 5th USENIX conference on Cyber Security Experimentation and Test. pp. 9- 9 ,(2012)
Genevieve Bartlett, Jelena Mirkovic, Expressing Different Traffic Models Using the LegoTG Framework 2015 IEEE 35th International Conference on Distributed Computing Systems Workshops. pp. 56- 63 ,(2015) , 10.1109/ICDCSW.2015.21
Brian White, Jay Lepreau, Leigh Stoller, Robert Ricci, Shashi Guruprasad, Mac Newbold, Mike Hibler, Chad Barb, Abhijeet Joglekar, An integrated experimental environment for distributed systems and networks ACM SIGOPS Operating Systems Review. ,vol. 36, pp. 255- 270 ,(2002) , 10.1145/844128.844152
Mark Berman, Jeffrey S. Chase, Lawrence Landweber, Akihiro Nakao, Max Ott, Dipankar Raychaudhuri, Robert Ricci, Ivan Seskar, GENI: A federated testbed for innovative network experiments Computer Networks. ,vol. 61, pp. 5- 23 ,(2014) , 10.1016/J.BJP.2013.12.037
Jeff Ahrenholz, Comparison of CORE network emulation platforms military communications conference. pp. 166- 171 ,(2010) , 10.1109/MILCOM.2010.5680218
Roy A. Maxion, Thomas A. Longstaff, John McHugh, Why is there no science in cyber science?: a panel discussion at NSPW 2010 new security paradigms workshop. pp. 1- 6 ,(2010) , 10.1145/1900546.1900548
Jelena Mirkovic, Terry V. Benzel, Ted Faber, Robert Braden, John T. Wroclawski, Stephen Schwab, The DETER project: Advancing the science of cyber security experimentation and test ieee international conference on technologies for homeland security. pp. 1- 7 ,(2010) , 10.1109/THS.2010.5655108
Christos Siaterlis, Bela Genge, Marc Hohenadel, EPIC: A Testbed for Scientifically Rigorous Cyber-Physical Security Experimentation IEEE Transactions on Emerging Topics in Computing. ,vol. 1, pp. 319- 330 ,(2013) , 10.1109/TETC.2013.2287188
David Isaac Wolinsky, Henry Corrigan-Gibbs, Bryan Ford, Aaron Johnson, None, Dissent in numbers: making strong anonymity scale operating systems design and implementation. pp. 179- 192 ,(2012) , 10.5555/2387880.2387898
R. Koetter, M. Medard, An algebraic approach to network coding IEEE ACM Transactions on Networking. ,vol. 11, pp. 782- 795 ,(2003) , 10.1109/TNET.2003.818197