The DETER lab should come with a warning: Don’t try this at home.
The test bed, run jointly by USC and the University of California, Berkeley, provides a safe place to experiment with computer worms capable of taking over hundreds of thousands of machines. At the same time, it gives cyber-security experts a way to apply scientific-based methodologies to test their research and provides educational opportunities for aspiring cyber-security students.
It’s the world’s largest public resource of its kind, with thousands of users from universities, private companies and governments the world over using it to study the behavior of cyber-security threats.
Computers are tied to our water, power, banking and finance systems, making the need to study threats to that infrastructure all the more paramount, said Terry Benzel, project lead at the USC Viterbi School of Engineering’s Information Sciences Institute.
“All aspects of our society are tied up with critical computer systems,” she said. “The threats to that are very real.”
DETERlab was founded in 2003 with a $5.5 million grant from the Department of Homeland Security and funding from the National Science Foundation. The single test bed is connected over the Internet by two physical sites at USC and UC Berkeley. USC conducts more experimental research, while UC Berkeley focuses on operating and developing software for the test bed, Benzel said.
Research in cyber security is particularly challenging because it’s difficult to replicate experiments in controlled environments, as one would in a lab. DETERlab gives researchers a way to apply scientific rigor that helps to test and evaluate their experimental methods.
“In mathematics, you don’t publish a proof unless colleagues can recreate that proof,” Benzel said. “We don’t have that same thing in cyber security. How do you turn cyber security into mathematics? That’s a hard research problem in itself.”
DETERlab’s research and development program has provided new tools, techniques, methodology, resources and infrastructure for studying cyber security. It also has continued to earn support from government sources like the Department of Homeland Security, which awarded a $16 million contract in January to expand its functions.
That money is helping to develop software tools for researchers to control and validate their experiments, said Anthony Joseph, the project lead at UC Berkeley.
Joseph said DETERlab has allowed researchers to study a scale representation of Slammer, a worm that spread in 2004 and affected a majority of Internet users. The worm created so much data that it slowed its own progression through the Internet; the DETERlab experiment allowed researchers to study the same kinds of effects.
The test bed is an important tool for researchers, but its accessibility is what makes it unique. Private companies like McAfee and Intel have their own test beds, Benzel said, and some are even larger than DETERlab. But those companies focus on developing their own technology rather than pushing forward-thinking computer science.
“You can think of it as a national resource,” Joseph said. “It’s not just a university or company test bed.”
It also has a crucial educational function. The test bed began an educational mission in 2005 with a UC Berkeley class, and by last year, 19 classes at a variety of campuses had used DETERlab in their studies, including USC.
In 2010, a National Science Foundation grant funded a series of more than a dozen classroom exercises that would allow teachers and students to study using the test bed, Benzel said. The teacher does not have to know that much about DETERlab, and the exercises even show the teacher how to grade it.
About 800 students across a dozen or so universities have used the exercise. This educational component will help to train future cyber-security specialists for government and industry jobs.
“We help educate the next generation of infrastructure operators,” Benzel said. “Who is the person working at the nuclear power plant? We’re providing training today.”
DETER also is used to introduce undergraduate students to cyber-security research using the TRUST Center (Team for Research in Ubiquitous Secure Technology), also funded by the National Science Foundation. In the summer of 2010, it selected 16 undergraduate students from around the country to work on research projects for 12 weeks. Eight students used DETER to evaluate potential solutions to various problems they faced.