SlideShare a Scribd company logo

OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of Complex Networked Systems - Mara Sorella - Sapienza Univ. of Rome

OpenNebula Project
OpenNebula Project

Computer networks are undergoing a phenomenal growth, driven by the rapidly increasing number of nodes constituting the networks. At the same time, the number of security threats on Internet and intranet networks is constantly increasing, and the testing and experimentation of cyber defense solutions require the availability of separate, test environments that best reflect the complexity of a real system. Such environments support the deployment and monitoring of complex mission-driven network scenarios, and cyber security training activities, thus enabling enterprises to study cyber defense strategies and allowing security researchers to evaluate their algorithms at scale. The main objective is delivering to researchers and practitioners an overview of the technological means and the practical steps to setup a private cloud platform based on OpenNebula for the creation and management of virtual environments that support cyber-security activities of training and testing, as well as an overview of its possible applications in the cyber security domain. In particular: 1. We describe our infrastructure based on OpenNebula 2. We overview our application, sitting on top of OpenNebula, as well as the technological tools involved in the management of its lifecycle (e.g., Ansible)
. 3. We show how the platform can support various examples of security research activities
 [References] Building an emulation environment for cyber security analyses of complex networked systems, Tanasache, Florin Dragos and Sorella, Mara and Bonomi, Silvia and Rapone, Raniero and Meacci, Davide, ICDCN '19, ACM, 2019

Software
1 of 79
Download to read offline
Building Virtual Environments for Security Analyses of Complex Networked Systems Mara Sorella, Ph.D. Research center on Cyber Intelligence and Information Security (CIS) Department of Computer, Control and Management Engineering Sapienza University of Rome
Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. Introduction
Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Introduction
Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Need to have a separate, dedicated environment that should be able to: ▪ represent realistic scenarios that fit the security testing objectives ▪ support the definition of new scenarios and cyber threats in a cost and time-effective manner Introduction
Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Need to have a separate, dedicated environment that should be able to: ▪ represent realistic scenarios that fit the security testing objectives ▪ support the definition of new scenarios and cyber threats in a cost and time-effective manner Introduction This is typically achieved by instrumenting virtual environments, referred as cyber ranges
Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Need to have a separate, dedicated environment that should be able to: ▪ represent realistic scenarios that fit the security testing objectives ▪ support the definition of new scenarios and cyber threats in a cost and time-effective manner Introduction This is typically achieved by instrumenting virtual environments, referred as cyber ranges
Our Project: Motivation
Our Project: Motivation ▪ Research focus: threat modeling, network hardening algorithms ▪ Goal: test and evaluate our research products in realistic scenarios
Our Project: Motivation ▪ Research focus: threat modeling, network hardening algorithms ▪ Goal: test and evaluate our research products in realistic scenarios ▪ Issues very few existing datasets available limited information available typically small scale networks (<10 nodes)
Our Project: Motivation ▪ Research focus: threat modeling, network hardening algorithms ▪ Goal: test and evaluate our research products in realistic scenarios ▪ Solution A combination of techniques of network and security assessment, and cloud technologies to enable the deployment of fully virtualized instances of computer networks with high degree of affinity to actual reference scenarios ▪ Issues very few existing datasets available limited information available typically small scale networks (<10 nodes)
Solution overview
Solution overview
Solution overview Testbed Specification
Solution overview Testbed Specification
Solution overview Testbed Specification
Solution overview Testbed Specification
Solution overview Testbed Specification
Solution overview Testbed Specification
Solution overview Testbed Specification
Virtual Environment Infrastructure Design choices
Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms Virtual Environment Infrastructure: IaaS
Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms vendor stacks Virtual Environment Infrastructure: IaaS
Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms - Complex, multitiered, vendor-driven - Many subprojects, each with different maturity levels vendor stacks Virtual Environment Infrastructure: IaaS
Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms - Complex, multitiered, vendor-driven - Many subprojects, each with different maturity levels - Ease of setup and use - free, yet production ready vendor stacks Virtual Environment Infrastructure: IaaS
Storage Layer Maintaining VM OS Images (“templates”) repository: distributed/replicated filesystem
• Replicated mode: exact copies of the data are maintained on the bricks • Fosters data locality at VM instantiation time Storage Layer Maintaining VM OS Images (“templates”) repository: distributed/replicated filesystem
• Replicated mode: exact copies of the data are maintained on the bricks • Fosters data locality at VM instantiation time /Images — GlusterFS mount point, OS images /System — instantiated machines disks /Files & Kernels — plain text files such as scripts OpenNebula Datastores Storage Layer Maintaining VM OS Images (“templates”) repository: distributed/replicated filesystem
Inter- and intra- LAN comms, across different physical nodes Virtual switches: OpenVirtualSwitch, Linux Ethernet Bridge • Keeps a MAC database: tap0 — eth0 Network Layer Inter/intra Virtual LAN communications across physical nodes OVS Software implementation of a virtual multilayer network switch
Inter- and intra- LAN comms, across different physical nodesNetwork Layer OpenVirtualSwitch: software implementation of a virtual multilayer network switch also enables efficient data collection at the bridge level SPAN (Switched Port Analyzer)
Virtual Infrastructure: Overview
Virtual Infrastructure: Overview
server 1 server 2 … server n Virtual Infrastructure: Overview
server 1 server 2 … server n oned (master) Virtual Infrastructure: Overview
server 1 server 2 … server n opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
server 1 server 2 … server n opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
switch (backbone) server 1 server 2 … server n opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
switch (backbone) server 1 server 2 … server n br1 br2 br3 opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) EMULATION ENVIRONMENT INFRASTRUCTURE opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) VIRTUAL TESTBED EMULATION ENVIRONMENT INFRASTRUCTURE opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
Testbed Design and Deployment
- Cyber range Laboratory - Deploys a testbed starting from a YAML file (“infrastructure as a code”) Automatic Testbed Deployment: Cylab
- Cyber range Laboratory - Deploys a testbed starting from a YAML file (“infrastructure as a code”) Automatic Testbed Deployment: Cylab No opennebula provider
- Cyber range Laboratory - Deploys a testbed starting from a YAML file (“infrastructure as a code”) Automatic Testbed Deployment: Cylab No opennebula provider
1. VLANs A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) Testbed Specification
1. VLANs 2. VMs A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) Testbed Specification
1. VLANs 2. VMs A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) +custom init script support (CONTEXT / START_SCRIPT) Testbed Specification
1. VLANs 2. VMs 3. Virtual Routers A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) +custom init script support (CONTEXT / START_SCRIPT) Testbed Specification
1. VLANs 2. VMs 3. Virtual Routers 4. Firewalls A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) +custom init script support (CONTEXT / START_SCRIPT) Testbed Specification
Cylab:Architecture overview
Cylab:Architecture overview
Cylab:Architecture overview
Cylab:Architecture overview service installation
Applications
The infrastructure can support various activitiesApplications: Overview
1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) The infrastructure can support various activitiesApplications: Overview
[ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
[ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
[ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
[ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
[ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation • network hardening • automatic attack path instantiation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
[ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation • network hardening • automatic attack path instantiation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
Applications Dataset Generation
Software agents deployed on the hosts, capturing different behavioral patterns Dataset Generation: benign traffic agents Protocols ▪ HTTP/HTTPS ▪ SSH ▪ SMB ▪ SFTP
Software agents deployed on the hosts, capturing different behavioral patterns Dataset Generation: benign traffic agents Protocols ▪ HTTP/HTTPS ▪ SSH ▪ SMB ▪ SFTP
Malicious activities performed in the testbed, covering a diverse set of attack scenarios. Web attack - Drupal Ransomware Attack (WannaCry) We collected a publicly released dataset containing complete network traces, enriched with labeled features Dataset Generation: cyber attacks
LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic
LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic
LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic For each network to be monitored, OVS port mirroring (SPAN) allows to mirror the traffic from all VM network interfaces toward a specific output port (1 x br x node)
LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic For each network to be monitored, OVS port mirroring (SPAN) allows to mirror the traffic from all VM network interfaces toward a specific output port (1 x br x node)
Information to be gathered from the virtual testbed include: • routing tables • system logs • firewall rules • ACLs from network devices • installed applications (+CVE) • running services • open ports This info is using an out-of-band “management” interface for each machine Data collection: metadata
Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server Ongoing work
Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server ▪ Terraform Integration (opennebula provider) Ongoing work
Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server ▪ Terraform Integration (opennebula provider) Ongoing work fork fork
Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server ▪ Terraform Integration (opennebula provider) Ongoing work fork fork oneuser oneacl onehost onecluster API support still lacking: …
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of Complex Networked Systems - Mara Sorella - Sapienza Univ. of Rome

Recommended

NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10OpenNebula Project
 
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...OpenNebula Project
 
NTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do ItNTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do ItOpenNebula Project
 
OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...
OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...
OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...OpenNebula Project
 
OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...
OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...
OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...OpenNebula Project
 
[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift
[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift
[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on SwiftOpenStack Korea Community
 
OpenNebula TechDay Boston 2015 - An introduction to OpenNebula
OpenNebula TechDay Boston 2015 - An introduction to OpenNebulaOpenNebula TechDay Boston 2015 - An introduction to OpenNebula
OpenNebula TechDay Boston 2015 - An introduction to OpenNebulaOpenNebula Project
 
Using the KVMhypervisor in CloudStack
Using the KVMhypervisor in CloudStackUsing the KVMhypervisor in CloudStack
Using the KVMhypervisor in CloudStackShapeBlue
 

Recommended

NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10OpenNebula Project
 
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...OpenNebula Project
 
NTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do ItNTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do ItOpenNebula Project
 
OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...
OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...
OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...OpenNebula Project
 
OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...
OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...
OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...OpenNebula Project
 
[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift
[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift
[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on SwiftOpenStack Korea Community
 
OpenNebula TechDay Boston 2015 - An introduction to OpenNebula
OpenNebula TechDay Boston 2015 - An introduction to OpenNebulaOpenNebula TechDay Boston 2015 - An introduction to OpenNebula
OpenNebula TechDay Boston 2015 - An introduction to OpenNebulaOpenNebula Project
 
Using the KVMhypervisor in CloudStack
Using the KVMhypervisor in CloudStackUsing the KVMhypervisor in CloudStack
Using the KVMhypervisor in CloudStackShapeBlue
 
Introduction and CloudStack news
Introduction and CloudStack newsIntroduction and CloudStack news
Introduction and CloudStack newsShapeBlue
 
Applying OpenStack at iNET use case
Applying OpenStack at iNET use caseApplying OpenStack at iNET use case
Applying OpenStack at iNET use caseVietnam Open Infrastructure User Group
 
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission UpdateOpenStack Korea Community
 
Comparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Comparing IaaS: VMware vs OpenStack vs Google’s GanetiComparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Comparing IaaS: VMware vs OpenStack vs Google’s GanetiGiuseppe Paterno'
 
OpenStack and Windows
OpenStack and WindowsOpenStack and Windows
OpenStack and WindowsAlessandro Pilotti
 
CloudStack networking
CloudStack networkingCloudStack networking
CloudStack networkingShapeBlue
 
CloudStack vs OpenStack
CloudStack vs OpenStackCloudStack vs OpenStack
CloudStack vs OpenStackVictor Zhang
 
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebula
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebulaOpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebula
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebulaOpenNebula Project
 
CloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack newsCloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack newsShapeBlue
 
OpenNebula TechDay Waterloo 2015 - Private cloud at black berry
OpenNebula TechDay Waterloo 2015 - Private cloud at black berryOpenNebula TechDay Waterloo 2015 - Private cloud at black berry
OpenNebula TechDay Waterloo 2015 - Private cloud at black berryOpenNebula Project
 
CloudStack News, Berlin 16 june 2016
CloudStack News, Berlin 16 june 2016CloudStack News, Berlin 16 june 2016
CloudStack News, Berlin 16 june 2016ShapeBlue
 
CloudStack challenges for China customers
CloudStack challenges for China customersCloudStack challenges for China customers
CloudStack challenges for China customersgavin_lee
 
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...OpenNebula Project
 
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...OpenNebula Project
 
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...OpenNebula Project
 
DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack buildacloud
 
dodai_grizzly.pdf
dodai_grizzly.pdfdodai_grizzly.pdf
dodai_grizzly.pdfOpenStack Foundation
 
Where We're Headed and Where NSX Fits In
Where We're Headed and Where NSX Fits InWhere We're Headed and Where NSX Fits In
Where We're Headed and Where NSX Fits InScott Lowe
 
Does Hypervisor matter in OpenStack
Does Hypervisor matter in OpenStackDoes Hypervisor matter in OpenStack
Does Hypervisor matter in OpenStackNermina Miller
 
Apache CloudStack at LinuxCon Japan
Apache CloudStack at LinuxCon JapanApache CloudStack at LinuxCon Japan
Apache CloudStack at LinuxCon JapanKimihiko Kitase
 
Cloud Foundations: Visibility, Analytics, Security, Programming Models, Runtime
Cloud Foundations: Visibility, Analytics, Security, Programming Models, RuntimeCloud Foundations: Visibility, Analytics, Security, Programming Models, Runtime
Cloud Foundations: Visibility, Analytics, Security, Programming Models, RuntimeCanturk Isci
 
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersNew Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersIben Rodriguez
 

More Related Content

What's hot

Introduction and CloudStack news
Introduction and CloudStack newsIntroduction and CloudStack news
Introduction and CloudStack newsShapeBlue
 
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission UpdateOpenStack Korea Community
 
Comparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Comparing IaaS: VMware vs OpenStack vs Google’s GanetiComparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Comparing IaaS: VMware vs OpenStack vs Google’s GanetiGiuseppe Paterno'
 
CloudStack networking
CloudStack networkingCloudStack networking
CloudStack networkingShapeBlue
 
CloudStack vs OpenStack
CloudStack vs OpenStackCloudStack vs OpenStack
CloudStack vs OpenStackVictor Zhang
 
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebula
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebulaOpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebula
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebulaOpenNebula Project
 
CloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack newsCloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack newsShapeBlue
 
OpenNebula TechDay Waterloo 2015 - Private cloud at black berry
OpenNebula TechDay Waterloo 2015 - Private cloud at black berryOpenNebula TechDay Waterloo 2015 - Private cloud at black berry
OpenNebula TechDay Waterloo 2015 - Private cloud at black berryOpenNebula Project
 
CloudStack News, Berlin 16 june 2016
CloudStack News, Berlin 16 june 2016CloudStack News, Berlin 16 june 2016
CloudStack News, Berlin 16 june 2016ShapeBlue
 
CloudStack challenges for China customers
CloudStack challenges for China customersCloudStack challenges for China customers
CloudStack challenges for China customersgavin_lee
 
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...OpenNebula Project
 
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...OpenNebula Project
 
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...OpenNebula Project
 
DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack buildacloud
 
Where We're Headed and Where NSX Fits In
Where We're Headed and Where NSX Fits InWhere We're Headed and Where NSX Fits In
Where We're Headed and Where NSX Fits InScott Lowe
 
Does Hypervisor matter in OpenStack
Does Hypervisor matter in OpenStackDoes Hypervisor matter in OpenStack
Does Hypervisor matter in OpenStackNermina Miller
 
Apache CloudStack at LinuxCon Japan
Apache CloudStack at LinuxCon JapanApache CloudStack at LinuxCon Japan
Apache CloudStack at LinuxCon JapanKimihiko Kitase
 

What's hot (20)

Introduction and CloudStack news
Introduction and CloudStack newsIntroduction and CloudStack news
Introduction and CloudStack news
 
Applying OpenStack at iNET use case
Applying OpenStack at iNET use caseApplying OpenStack at iNET use case
Applying OpenStack at iNET use case
 
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update
 
Comparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Comparing IaaS: VMware vs OpenStack vs Google’s GanetiComparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Comparing IaaS: VMware vs OpenStack vs Google’s Ganeti
 
OpenStack and Windows
OpenStack and WindowsOpenStack and Windows
OpenStack and Windows
 
CloudStack networking
CloudStack networkingCloudStack networking
CloudStack networking
 
CloudStack vs OpenStack
CloudStack vs OpenStackCloudStack vs OpenStack
CloudStack vs OpenStack
 
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebula
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebulaOpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebula
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebula
 
CloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack newsCloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack news
 
OpenNebula TechDay Waterloo 2015 - Private cloud at black berry
OpenNebula TechDay Waterloo 2015 - Private cloud at black berryOpenNebula TechDay Waterloo 2015 - Private cloud at black berry
OpenNebula TechDay Waterloo 2015 - Private cloud at black berry
 
CloudStack News, Berlin 16 june 2016
CloudStack News, Berlin 16 june 2016CloudStack News, Berlin 16 june 2016
CloudStack News, Berlin 16 june 2016
 
CloudStack challenges for China customers
CloudStack challenges for China customersCloudStack challenges for China customers
CloudStack challenges for China customers
 
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
 
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
 
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
 
DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack
 
dodai_grizzly.pdf
dodai_grizzly.pdfdodai_grizzly.pdf
dodai_grizzly.pdf
 
Where We're Headed and Where NSX Fits In
Where We're Headed and Where NSX Fits InWhere We're Headed and Where NSX Fits In
Where We're Headed and Where NSX Fits In
 
Does Hypervisor matter in OpenStack
Does Hypervisor matter in OpenStackDoes Hypervisor matter in OpenStack
Does Hypervisor matter in OpenStack
 
Apache CloudStack at LinuxCon Japan
Apache CloudStack at LinuxCon JapanApache CloudStack at LinuxCon Japan
Apache CloudStack at LinuxCon Japan
 

Similar to OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of Complex Networked Systems - Mara Sorella - Sapienza Univ. of Rome

Cloud Foundations: Visibility, Analytics, Security, Programming Models, Runtime
Cloud Foundations: Visibility, Analytics, Security, Programming Models, RuntimeCloud Foundations: Visibility, Analytics, Security, Programming Models, Runtime
Cloud Foundations: Visibility, Analytics, Security, Programming Models, RuntimeCanturk Isci
 
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersNew Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersIben Rodriguez
 
Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017Canturk Isci
 
Microservices - when, why and how incontrodevops.it
Microservices - when, why and how incontrodevops.itMicroservices - when, why and how incontrodevops.it
Microservices - when, why and how incontrodevops.itGiuseppe Lavagetto
 
Prevention of Vulnerable Virtual Machines against DDOS.pptx
Prevention of Vulnerable Virtual Machines against DDOS.pptxPrevention of Vulnerable Virtual Machines against DDOS.pptx
Prevention of Vulnerable Virtual Machines against DDOS.pptxNoorFathima60
 
The Art of Cloud Native Defense on Kubernetes
The Art of Cloud Native Defense on KubernetesThe Art of Cloud Native Defense on Kubernetes
The Art of Cloud Native Defense on KubernetesJacopo Nardiello
 
Immutable Infrastructure Security
Immutable Infrastructure SecurityImmutable Infrastructure Security
Immutable Infrastructure SecurityRicky Sanders
 
Workshop - Openstack, Cloud Computing, Virtualization
Workshop - Openstack, Cloud Computing, VirtualizationWorkshop - Openstack, Cloud Computing, Virtualization
Workshop - Openstack, Cloud Computing, VirtualizationJayaprakash R
 
Openstack workshop @ Kalasalingam
Openstack workshop @ KalasalingamOpenstack workshop @ Kalasalingam
Openstack workshop @ KalasalingamBeny Raja
 
OWASP Québec: Threat Modeling Toolkit - Jonathan Marcil
OWASP Québec: Threat Modeling Toolkit - Jonathan MarcilOWASP Québec: Threat Modeling Toolkit - Jonathan Marcil
OWASP Québec: Threat Modeling Toolkit - Jonathan MarcilJonathan Marcil
 
Cisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdfCisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdfTaherAzzam2
 
Cloud party 2014 - Deploy your infrastructure with Saltstack - Salt Cloud wit...
Cloud party 2014 - Deploy your infrastructure with Saltstack - Salt Cloud wit...Cloud party 2014 - Deploy your infrastructure with Saltstack - Salt Cloud wit...
Cloud party 2014 - Deploy your infrastructure with Saltstack - Salt Cloud wit...Corley S.r.l.
 
Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicrodvmug1
 
Inherent Security Design Patterns for SDN/NFV Deployments
Inherent Security Design Patterns for SDN/NFV DeploymentsInherent Security Design Patterns for SDN/NFV Deployments
Inherent Security Design Patterns for SDN/NFV DeploymentsOPNFV
 
Setting up a private cloud for academic environment with OSS by Zoran Pantic ...
Setting up a private cloud for academic environment with OSS by Zoran Pantic ...Setting up a private cloud for academic environment with OSS by Zoran Pantic ...
Setting up a private cloud for academic environment with OSS by Zoran Pantic ...José Ferreiro
 
Presentation copy
Presentation copyPresentation copy
Presentation copyAdel Zalok
 

Similar to OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of Complex Networked Systems - Mara Sorella - Sapienza Univ. of Rome (20)

Cloud Foundations: Visibility, Analytics, Security, Programming Models, Runtime
Cloud Foundations: Visibility, Analytics, Security, Programming Models, RuntimeCloud Foundations: Visibility, Analytics, Security, Programming Models, Runtime
Cloud Foundations: Visibility, Analytics, Security, Programming Models, Runtime
 
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersNew Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
 
Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017
 
Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017
 
Microservices - when, why and how incontrodevops.it
Microservices - when, why and how incontrodevops.itMicroservices - when, why and how incontrodevops.it
Microservices - when, why and how incontrodevops.it
 
Prevention of Vulnerable Virtual Machines against DDOS.pptx
Prevention of Vulnerable Virtual Machines against DDOS.pptxPrevention of Vulnerable Virtual Machines against DDOS.pptx
Prevention of Vulnerable Virtual Machines against DDOS.pptx
 
The Art of Cloud Native Defense on Kubernetes
The Art of Cloud Native Defense on KubernetesThe Art of Cloud Native Defense on Kubernetes
The Art of Cloud Native Defense on Kubernetes
 
Immutable Infrastructure Security
Immutable Infrastructure SecurityImmutable Infrastructure Security
Immutable Infrastructure Security
 
Workshop - Openstack, Cloud Computing, Virtualization
Workshop - Openstack, Cloud Computing, VirtualizationWorkshop - Openstack, Cloud Computing, Virtualization
Workshop - Openstack, Cloud Computing, Virtualization
 
Openstack workshop @ Kalasalingam
Openstack workshop @ KalasalingamOpenstack workshop @ Kalasalingam
Openstack workshop @ Kalasalingam
 
OWASP Québec: Threat Modeling Toolkit - Jonathan Marcil
OWASP Québec: Threat Modeling Toolkit - Jonathan MarcilOWASP Québec: Threat Modeling Toolkit - Jonathan Marcil
OWASP Québec: Threat Modeling Toolkit - Jonathan Marcil
 
Zerovm backgroud
Zerovm backgroudZerovm backgroud
Zerovm backgroud
 
Cisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdfCisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdf
 
Cloud party 2014 - Deploy your infrastructure with Saltstack - Salt Cloud wit...
Cloud party 2014 - Deploy your infrastructure with Saltstack - Salt Cloud wit...Cloud party 2014 - Deploy your infrastructure with Saltstack - Salt Cloud wit...
Cloud party 2014 - Deploy your infrastructure with Saltstack - Salt Cloud wit...
 
Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicro
 
Inherent Security Design Patterns for SDN/NFV Deployments
Inherent Security Design Patterns for SDN/NFV DeploymentsInherent Security Design Patterns for SDN/NFV Deployments
Inherent Security Design Patterns for SDN/NFV Deployments
 
9(1)
9(1)9(1)
9(1)
 
Mini Project- Virtual Network Project
Mini Project- Virtual Network ProjectMini Project- Virtual Network Project
Mini Project- Virtual Network Project
 
Setting up a private cloud for academic environment with OSS by Zoran Pantic ...
Setting up a private cloud for academic environment with OSS by Zoran Pantic ...Setting up a private cloud for academic environment with OSS by Zoran Pantic ...
Setting up a private cloud for academic environment with OSS by Zoran Pantic ...
 
Presentation copy
Presentation copyPresentation copy
Presentation copy
 

More from OpenNebula Project

OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...OpenNebula Project
 
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...OpenNebula Project
 
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...OpenNebula Project
 
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAFOpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAFOpenNebula Project
 
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...OpenNebula Project
 
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...OpenNebula Project
 
Replacing vCloud with OpenNebula
Replacing vCloud with OpenNebulaReplacing vCloud with OpenNebula
Replacing vCloud with OpenNebulaOpenNebula Project
 
OpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISPOpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISPOpenNebula Project
 
NTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbHNTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbHOpenNebula Project
 
Performant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux WayPerformant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux WayOpenNebula Project
 
NetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebulaNetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebulaOpenNebula Project
 
Security for Private Cloud Environments
Security for Private Cloud EnvironmentsSecurity for Private Cloud Environments
Security for Private Cloud EnvironmentsOpenNebula Project
 
CheckPoint R80.30 Installation on OpenNebula
CheckPoint R80.30 Installation on OpenNebulaCheckPoint R80.30 Installation on OpenNebula
CheckPoint R80.30 Installation on OpenNebulaOpenNebula Project
 
Cloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebulaCloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebulaOpenNebula Project
 
OpenNebula and StorPool: Building Powerful Clouds
OpenNebula and StorPool: Building Powerful CloudsOpenNebula and StorPool: Building Powerful Clouds
OpenNebula and StorPool: Building Powerful CloudsOpenNebula Project
 
Nested virtualization & PCI pass-through
Nested virtualization & PCI pass-throughNested virtualization & PCI pass-through
Nested virtualization & PCI pass-throughOpenNebula Project
 
A Data Pro - Project Serendipity
A Data Pro - Project Serendipity A Data Pro - Project Serendipity
A Data Pro - Project Serendipity OpenNebula Project
 
The UNICORE Project: Unikraft and OpenNebula
The UNICORE Project: Unikraft and OpenNebulaThe UNICORE Project: Unikraft and OpenNebula
The UNICORE Project: Unikraft and OpenNebulaOpenNebula Project
 

More from OpenNebula Project (20)

OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
 
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
 
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
 
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAFOpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
 
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
 
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
 
Replacing vCloud with OpenNebula
Replacing vCloud with OpenNebulaReplacing vCloud with OpenNebula
Replacing vCloud with OpenNebula
 
OpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISPOpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISP
 
NTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbHNTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbH
 
Performant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux WayPerformant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux Way
 
NetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebulaNetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebula
 
Security for Private Cloud Environments
Security for Private Cloud EnvironmentsSecurity for Private Cloud Environments
Security for Private Cloud Environments
 
CheckPoint R80.30 Installation on OpenNebula
CheckPoint R80.30 Installation on OpenNebulaCheckPoint R80.30 Installation on OpenNebula
CheckPoint R80.30 Installation on OpenNebula
 
DE-CIX: CloudConnectivity
DE-CIX: CloudConnectivityDE-CIX: CloudConnectivity
DE-CIX: CloudConnectivity
 
DDC Demo
DDC DemoDDC Demo
DDC Demo
 
Cloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebulaCloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebula
 
OpenNebula and StorPool: Building Powerful Clouds
OpenNebula and StorPool: Building Powerful CloudsOpenNebula and StorPool: Building Powerful Clouds
OpenNebula and StorPool: Building Powerful Clouds
 
Nested virtualization & PCI pass-through
Nested virtualization & PCI pass-throughNested virtualization & PCI pass-through
Nested virtualization & PCI pass-through
 
A Data Pro - Project Serendipity
A Data Pro - Project Serendipity A Data Pro - Project Serendipity
A Data Pro - Project Serendipity
 
The UNICORE Project: Unikraft and OpenNebula
The UNICORE Project: Unikraft and OpenNebulaThe UNICORE Project: Unikraft and OpenNebula
The UNICORE Project: Unikraft and OpenNebula
 

Recently uploaded

DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendArshad QA
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfCionsystems
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 

Recently uploaded (20)

DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and Backend
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdf
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 

OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of Complex Networked Systems - Mara Sorella - Sapienza Univ. of Rome

  • 1. Building Virtual Environments for Security Analyses of Complex Networked Systems Mara Sorella, Ph.D. Research center on Cyber Intelligence and Information Security (CIS) Department of Computer, Control and Management Engineering Sapienza University of Rome
  • 2. Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. Introduction
  • 3. Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Introduction
  • 4. Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Need to have a separate, dedicated environment that should be able to: ▪ represent realistic scenarios that fit the security testing objectives ▪ support the definition of new scenarios and cyber threats in a cost and time-effective manner Introduction
  • 5. Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Need to have a separate, dedicated environment that should be able to: ▪ represent realistic scenarios that fit the security testing objectives ▪ support the definition of new scenarios and cyber threats in a cost and time-effective manner Introduction This is typically achieved by instrumenting virtual environments, referred as cyber ranges
  • 6. Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Need to have a separate, dedicated environment that should be able to: ▪ represent realistic scenarios that fit the security testing objectives ▪ support the definition of new scenarios and cyber threats in a cost and time-effective manner Introduction This is typically achieved by instrumenting virtual environments, referred as cyber ranges
  • 8. Our Project: Motivation ▪ Research focus: threat modeling, network hardening algorithms ▪ Goal: test and evaluate our research products in realistic scenarios
  • 9. Our Project: Motivation ▪ Research focus: threat modeling, network hardening algorithms ▪ Goal: test and evaluate our research products in realistic scenarios ▪ Issues very few existing datasets available limited information available typically small scale networks (<10 nodes)
  • 10. Our Project: Motivation ▪ Research focus: threat modeling, network hardening algorithms ▪ Goal: test and evaluate our research products in realistic scenarios ▪ Solution A combination of techniques of network and security assessment, and cloud technologies to enable the deployment of fully virtualized instances of computer networks with high degree of affinity to actual reference scenarios ▪ Issues very few existing datasets available limited information available typically small scale networks (<10 nodes)
  • 21. Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms Virtual Environment Infrastructure: IaaS
  • 22. Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms vendor stacks Virtual Environment Infrastructure: IaaS
  • 23. Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms - Complex, multitiered, vendor-driven - Many subprojects, each with different maturity levels vendor stacks Virtual Environment Infrastructure: IaaS
  • 24. Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms - Complex, multitiered, vendor-driven - Many subprojects, each with different maturity levels - Ease of setup and use - free, yet production ready vendor stacks Virtual Environment Infrastructure: IaaS
  • 25. Storage Layer Maintaining VM OS Images (“templates”) repository: distributed/replicated filesystem
  • 26. • Replicated mode: exact copies of the data are maintained on the bricks • Fosters data locality at VM instantiation time Storage Layer Maintaining VM OS Images (“templates”) repository: distributed/replicated filesystem
  • 27. • Replicated mode: exact copies of the data are maintained on the bricks • Fosters data locality at VM instantiation time /Images — GlusterFS mount point, OS images /System — instantiated machines disks /Files & Kernels — plain text files such as scripts OpenNebula Datastores Storage Layer Maintaining VM OS Images (“templates”) repository: distributed/replicated filesystem
  • 28. Inter- and intra- LAN comms, across different physical nodes Virtual switches: OpenVirtualSwitch, Linux Ethernet Bridge • Keeps a MAC database: tap0 — eth0 Network Layer Inter/intra Virtual LAN communications across physical nodes OVS Software implementation of a virtual multilayer network switch
  • 29. Inter- and intra- LAN comms, across different physical nodesNetwork Layer OpenVirtualSwitch: software implementation of a virtual multilayer network switch also enables efficient data collection at the bridge level SPAN (Switched Port Analyzer)
  • 32. server 1 server 2 … server n Virtual Infrastructure: Overview
  • 33. server 1 server 2 … server n oned (master) Virtual Infrastructure: Overview
  • 34. server 1 server 2 … server n opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 35. server 1 server 2 … server n opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 36. switch (backbone) server 1 server 2 … server n opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 37. switch (backbone) server 1 server 2 … server n br1 br2 br3 opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 38. switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 39. firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 40. firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 41. firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 42. firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) EMULATION ENVIRONMENT INFRASTRUCTURE opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 43. firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) VIRTUAL TESTBED EMULATION ENVIRONMENT INFRASTRUCTURE opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 44. Testbed Design and Deployment
  • 45. - Cyber range Laboratory - Deploys a testbed starting from a YAML file (“infrastructure as a code”) Automatic Testbed Deployment: Cylab
  • 46. - Cyber range Laboratory - Deploys a testbed starting from a YAML file (“infrastructure as a code”) Automatic Testbed Deployment: Cylab No opennebula provider
  • 47. - Cyber range Laboratory - Deploys a testbed starting from a YAML file (“infrastructure as a code”) Automatic Testbed Deployment: Cylab No opennebula provider
  • 48. 1. VLANs A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) Testbed Specification
  • 49. 1. VLANs 2. VMs A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) Testbed Specification
  • 50. 1. VLANs 2. VMs A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) +custom init script support (CONTEXT / START_SCRIPT) Testbed Specification
  • 51. 1. VLANs 2. VMs 3. Virtual Routers A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) +custom init script support (CONTEXT / START_SCRIPT) Testbed Specification
  • 52. 1. VLANs 2. VMs 3. Virtual Routers 4. Firewalls A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) +custom init script support (CONTEXT / START_SCRIPT) Testbed Specification
  • 58. The infrastructure can support various activitiesApplications: Overview
  • 59. 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) The infrastructure can support various activitiesApplications: Overview
  • 60. [ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
  • 61. [ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
  • 62. [ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
  • 63. [ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
  • 64. [ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation • network hardening • automatic attack path instantiation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
  • 65. [ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation • network hardening • automatic attack path instantiation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
  • 67. Software agents deployed on the hosts, capturing different behavioral patterns Dataset Generation: benign traffic agents Protocols ▪ HTTP/HTTPS ▪ SSH ▪ SMB ▪ SFTP
  • 68. Software agents deployed on the hosts, capturing different behavioral patterns Dataset Generation: benign traffic agents Protocols ▪ HTTP/HTTPS ▪ SSH ▪ SMB ▪ SFTP
  • 69. Malicious activities performed in the testbed, covering a diverse set of attack scenarios. Web attack - Drupal Ransomware Attack (WannaCry) We collected a publicly released dataset containing complete network traces, enriched with labeled features Dataset Generation: cyber attacks
  • 70. LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic
  • 71. LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic
  • 72. LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic For each network to be monitored, OVS port mirroring (SPAN) allows to mirror the traffic from all VM network interfaces toward a specific output port (1 x br x node)
  • 73. LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic For each network to be monitored, OVS port mirroring (SPAN) allows to mirror the traffic from all VM network interfaces toward a specific output port (1 x br x node)
  • 74. Information to be gathered from the virtual testbed include: • routing tables • system logs • firewall rules • ACLs from network devices • installed applications (+CVE) • running services • open ports This info is using an out-of-band “management” interface for each machine Data collection: metadata
  • 75. Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server Ongoing work
  • 76. Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server ▪ Terraform Integration (opennebula provider) Ongoing work
  • 77. Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server ▪ Terraform Integration (opennebula provider) Ongoing work fork fork
  • 78. Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server ▪ Terraform Integration (opennebula provider) Ongoing work fork fork oneuser oneacl onehost onecluster API support still lacking: …