Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

OpenNebulaConf 2016 - The Lightweight Approach to Build Cloud CyberSecurity Exercise Platform by Serena Pan, NCHC

286 views

Published on

In the era of Cloud Service and Internet of Things, information security has already become a transnational issue. In recent years, the large scale cyber attack via the connection of BotNet has become a thorny issue of Global information security. Taiwan is always the main target of international hackers due to the high dense of information devices and computers in campuses are always the favorite of hackers. To help tackling such an issue, the Ezilla, which is considered as a private Cloud toolkit ( integrated with OpenNebula), has been implemented by the CyberSecurity research team in the National Center for High-performance Computing (NCHC), Taiwan. Through the Ezilla which leverages OpenNebula and CyberSecuirty techniques, Cloud users can easily customize and configure a specified Cloud security training environment. It is an extremely lightweight approach helping users to access virtual computing resources. The main feature of this project is simplifying the utilization of Clouds. Our goal is to make Cloud security scientists or users painlessly to run their own CyberSecurity jobs on Cloud platforms, including Cyber Defense Exercise, Malware Knowledge Base, etc.. Based on the proposed CyberSecurity Exercise Platform, we also develop new functions which are private Cloud information security training service, Captur the Flags (CTF) competition service, and virtual networking service for enterprise.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

OpenNebulaConf 2016 - The Lightweight Approach to Build Cloud CyberSecurity Exercise Platform by Serena Pan, NCHC

  1. 1. PervasiveComputingLab The Lightway Approach to Build Cloud CyberSecurity Exercise Platform National Center for High-Performance Computing Yi-Lun Pan (Serena Pan) serenapan@nchc.narl.org.tw
  2. 2. PervasiveComputingLab Who’s Serena Pan?? —  I am an associate researcher in NCHC, Taiwan. —  Our project is Free Software, and also Open Source —  Virtualization technology (OpenStack and OpenNebula) and Cybersecurity technology
  3. 3. PervasiveComputingLab Outline —  What is Ezilla Project? —  What is Cybersecurity?? —  What does Ezilla do for Cybersecurity?? —  The Core Tech. of Ezilla ◦  How to Install Ezilla ◦  Demo
  4. 4. PervasiveComputingLab What is Ezilla —  Ezilla is designed to help users to build their own Private Cloud easily! —  Ezilla provides an user-friendly interface and an easy way to customize and configure based on users’ needs! —  Ezilla is consisted with three parts: ◦  DRBL (Diskless Remote Boot in Linux), ◦  Cloud Middleware - OpenNebula ◦  Web Interface
  5. 5. PervasiveComputingLab I NN I? ? ,IMN NDJI JA )TD (DMF MM P LMDJI h c I NN I? ? ,IMN )TD f ad k )TD P Virtual Machines )TD )TD MN L (5 , DIB SMN H ,H B m jlio be
  6. 6. PervasiveComputingLab (DMNLD ON ? D MSMN H )TD MN L )TD P Virtual Machines )TD ,IN LA I NN I? ? ,IMN NDJI JA )TD (DMF AO P LMDJI MN ( K JSH IN
  7. 7. PervasiveComputingLab What is Cybersecurity in NCHC?? —  NCHC Cloud Cybersecurity Exercise Platform Ezilla provides both user-friendly and straightforward interface for Cloud users.With One Click, Cloud users can build their own on-demand virtual cluster. Based on Cloud Service Infrastructure, CDX provides security training service, Capture the Flags (CTF) competition service, and virtual networking service for enterprise.
  8. 8. PervasiveComputingLab Real Classroom Environment Limited —  Hands on in Conference ◦  Unify Environment –  Time Consuming –  Hard Work ◦  Lots of Computers for Audiences –  Not enough computers –  Not enough networks
  9. 9. PervasiveComputingLab DLNO MMLJJH DLNO MMLJJH DLNO MMLJJH DLNO MMLJJH DLNO MMLJJH DLNO MMLJJH DLNO MMLJJH DLNO MMLJJH CSMD CDI M jlpgn - Ezilla Build Virtual Classroom
  10. 10. PervasiveComputingLab What is Cybersecurity?? —  International Organization ◦  The Honeynet Project Cloud Security Alliance FIRST Shadowserver Foundation… —  International Conference ◦  The Honeynet Project Annual Workshop Cloud Security Alliance Congress RSA Blackhat DEFCon AVAR
  11. 11. PervasiveComputingLab What does Ezilla do for Cybersecurity? —  Simplify demos and evaluations —  Reduce development and support costs —  Extend applications to the cloud
  12. 12. PervasiveComputingLab What does Ezilla do for Cybersecurity? —  System manager: ◦  One click install build private cloud - Fast Installation ◦  Easy to manage VMs -Build Multiple Template —  Users: ◦  Fast and user-friendly virtual environment ◦  Could access VM with the browser which support HTML 5 (Google chrome / firefox) ◦  Could use RDP and ssh to access VM
  13. 13. PervasiveComputingLab Use Case —  Who use Ezilla so far.. ◦  NTU, NCTU, NCKU.. ◦  Virtual Classroom –NCTU, NCHC and Inventec –  System SDN-based Networks –  Software Ezilla –  Hardware Zion Servers are provided by Inventec Zion SDN- based Networks Inventoc Server + + =1000+ Virtual CDX Classroom
  14. 14. PervasiveComputingLab Create 50 Ubuntu Create 50 Windows Create 200 Linux It can generate a lot virtual machines (different OS or with specific applicat
  15. 15. PervasiveComputingLab Windows Ubuntu Linux Clusters
  16. 16. PervasiveComputingLab NCTUNCHC Ezilla —  https://www.youtube.com/watch? v=jsDMUbZjnjk
  17. 17. PervasiveComputingLab Educational Purpose for Information Security —  NQJLF ( A IM I? NN F NAJLH L DIDIB ◦  JOLM W DNC ( K NAJLH MNO? IN I ADI? Q FI MM M LP L I? NC I NJ KL ND I? P LDAS QC N NC S LI ? ◦  JHK NDNDJI W DNC ( K NAJLH N C LM I KLJPD? IS FDI? JA M I LDJ JHK NDNDJI —  ,IAJLH NDJI OLDNS O I L D DND M L DIDIB ◦  L DI CJQ NJ ADI? PO I L M LP L ◦  ,IAJLH NDJI M OLDNS ? N I SMDM PD + ?JJK OMN L
  18. 18. PervasiveComputingLab Educational Purpose for Information Security
  19. 19. PervasiveComputingLab Educational Purpose for Information Security
  20. 20. PervasiveComputingLab The Benefit of Cloud Virtual Classroom —  No time and space limited, students can enjoy seamless education. 20 After School In Class
  21. 21. •  LF NK LPD –  J N ,IAJLH NDJI OLDNS K I JOL JJ FDN •  MN OD ? )IPDLJIH IN Marketplace
  22. 22. PRAGMA Cloud CDX MarketplaceI Need Cloud
  23. 23. PervasiveComputingLab The Core Tech. of Ezilla —  I NN I? ? ,IMN NDJI ◦  FD FMN LNUKL M ? —  JO? D?? Q L –  . , )U 5 ?DL N U DLN, U. –  D PDLN –  K I O –  V —  A!M LPD ,IN LA ◦  OD ? M L!ALD I? S )IPDLJIH IN –  E R –  + –  V –  - O LS
  24. 24. PervasiveComputingLab The Core Tech. of Ezilla DRBL —  Diskless Remote Boot in Linux ◦  NCHC Free Software Lab. ◦  Ezilla slave no need Hard Disk and Software ◦  Clonezilla is embedded, so you can copy and reinstall computers at the same time ◦  Via PXE, you can install OS easily. —  How does Ezilla Slave use DRBL? ◦  Ezilla Diskless Version –  Using Single System Image (SSI) mode –  After network booting, OS is executed in memory –  (SI HD RN IMDJI JHKONDIB L MJOL M –  RD H I B H IN ◦  Ezilla Disk Full Version –  Via PXE network booting, and then execute network installation
  25. 25. PervasiveComputingLab How to install Ezilla —  Ezilla Master
  26. 26. PervasiveComputingLab ¨  ,NXM ?JI V C N J MS ¨  MDIB ) NJ L JJN )TD M P
  27. 27. PervasiveComputingLab ¨  AN L (5 JJNDIBV
  28. 28. PervasiveComputingLab The Demo – CDX Website https://cdx.nchc.org.tw
  29. 29. PervasiveComputingLab The Demo – CDX Website https://cdx.nchc.org.tw
  30. 30. PervasiveComputingLab The Demo – Create VM
  31. 31. PervasiveComputingLab The Demo – Select Template
  32. 32. PervasiveComputingLab The Demo – Network Interface
  33. 33. PervasiveComputingLab The Demo – WebVNC
  34. 34. PervasiveComputingLab What is SPARTA —  SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. —  http://sparta.secforce.com
  35. 35. PervasiveComputingLab The Demo – Use SPARTA
  36. 36. PervasiveComputingLab The Demo – Use SPARTA
  37. 37. PervasiveComputingLab The Demo – Armitage: Scan machine
  38. 38. PervasiveComputingLab The Demo – Armitage: Find Attacks
  39. 39. PervasiveComputingLab The Demo – Armitage: Verify Pattern
  40. 40. PervasiveComputingLab The Demo – Armitage: Get into Server
  41. 41. PervasiveComputingLab Thank You!

×