SlideShare a Scribd company logo

OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of Complex Networked Systems - Mara Sorella - Sapienza Univ. of Rome

OpenNebula Project
OpenNebula Project

Computer networks are undergoing a phenomenal growth, driven by the rapidly increasing number of nodes constituting the networks. At the same time, the number of security threats on Internet and intranet networks is constantly increasing, and the testing and experimentation of cyber defense solutions require the availability of separate, test environments that best reflect the complexity of a real system. Such environments support the deployment and monitoring of complex mission-driven network scenarios, and cyber security training activities, thus enabling enterprises to study cyber defense strategies and allowing security researchers to evaluate their algorithms at scale. The main objective is delivering to researchers and practitioners an overview of the technological means and the practical steps to setup a private cloud platform based on OpenNebula for the creation and management of virtual environments that support cyber-security activities of training and testing, as well as an overview of its possible applications in the cyber security domain. In particular: 1. We describe our infrastructure based on OpenNebula 2. We overview our application, sitting on top of OpenNebula, as well as the technological tools involved in the management of its lifecycle (e.g., Ansible)
. 3. We show how the platform can support various examples of security research activities
 [References] Building an emulation environment for cyber security analyses of complex networked systems, Tanasache, Florin Dragos and Sorella, Mara and Bonomi, Silvia and Rapone, Raniero and Meacci, Davide, ICDCN '19, ACM, 2019

Software
1 of 79
Download to read offline
Building Virtual Environments for Security Analyses of Complex Networked Systems Mara Sorella, Ph.D. Research center on Cyber Intelligence and Information Security (CIS) Department of Computer, Control and Management Engineering Sapienza University of Rome
Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. Introduction
Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Introduction
Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Need to have a separate, dedicated environment that should be able to: ▪ represent realistic scenarios that fit the security testing objectives ▪ support the definition of new scenarios and cyber threats in a cost and time-effective manner Introduction
Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Need to have a separate, dedicated environment that should be able to: ▪ represent realistic scenarios that fit the security testing objectives ▪ support the definition of new scenarios and cyber threats in a cost and time-effective manner Introduction This is typically achieved by instrumenting virtual environments, referred as cyber ranges
Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Need to have a separate, dedicated environment that should be able to: ▪ represent realistic scenarios that fit the security testing objectives ▪ support the definition of new scenarios and cyber threats in a cost and time-effective manner Introduction This is typically achieved by instrumenting virtual environments, referred as cyber ranges
Our Project: Motivation
Our Project: Motivation ▪ Research focus: threat modeling, network hardening algorithms ▪ Goal: test and evaluate our research products in realistic scenarios
Our Project: Motivation ▪ Research focus: threat modeling, network hardening algorithms ▪ Goal: test and evaluate our research products in realistic scenarios ▪ Issues very few existing datasets available limited information available typically small scale networks (<10 nodes)
Our Project: Motivation ▪ Research focus: threat modeling, network hardening algorithms ▪ Goal: test and evaluate our research products in realistic scenarios ▪ Solution A combination of techniques of network and security assessment, and cloud technologies to enable the deployment of fully virtualized instances of computer networks with high degree of affinity to actual reference scenarios ▪ Issues very few existing datasets available limited information available typically small scale networks (<10 nodes)
Solution overview
Solution overview
Solution overview Testbed Specification
Solution overview Testbed Specification
Solution overview Testbed Specification
Solution overview Testbed Specification
Solution overview Testbed Specification
Solution overview Testbed Specification
Solution overview Testbed Specification
Virtual Environment Infrastructure Design choices
Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms Virtual Environment Infrastructure: IaaS
Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms vendor stacks Virtual Environment Infrastructure: IaaS
Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms - Complex, multitiered, vendor-driven - Many subprojects, each with different maturity levels vendor stacks Virtual Environment Infrastructure: IaaS
Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms - Complex, multitiered, vendor-driven - Many subprojects, each with different maturity levels - Ease of setup and use - free, yet production ready vendor stacks Virtual Environment Infrastructure: IaaS
Storage Layer Maintaining VM OS Images (“templates”) repository: distributed/replicated filesystem
• Replicated mode: exact copies of the data are maintained on the bricks • Fosters data locality at VM instantiation time Storage Layer Maintaining VM OS Images (“templates”) repository: distributed/replicated filesystem
• Replicated mode: exact copies of the data are maintained on the bricks • Fosters data locality at VM instantiation time /Images — GlusterFS mount point, OS images /System — instantiated machines disks /Files & Kernels — plain text files such as scripts OpenNebula Datastores Storage Layer Maintaining VM OS Images (“templates”) repository: distributed/replicated filesystem
Inter- and intra- LAN comms, across different physical nodes Virtual switches: OpenVirtualSwitch, Linux Ethernet Bridge • Keeps a MAC database: tap0 — eth0 Network Layer Inter/intra Virtual LAN communications across physical nodes OVS Software implementation of a virtual multilayer network switch
Inter- and intra- LAN comms, across different physical nodesNetwork Layer OpenVirtualSwitch: software implementation of a virtual multilayer network switch also enables efficient data collection at the bridge level SPAN (Switched Port Analyzer)
Virtual Infrastructure: Overview
Virtual Infrastructure: Overview
server 1 server 2 … server n Virtual Infrastructure: Overview
server 1 server 2 … server n oned (master) Virtual Infrastructure: Overview
server 1 server 2 … server n opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
server 1 server 2 … server n opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
switch (backbone) server 1 server 2 … server n opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
switch (backbone) server 1 server 2 … server n br1 br2 br3 opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) EMULATION ENVIRONMENT INFRASTRUCTURE opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) VIRTUAL TESTBED EMULATION ENVIRONMENT INFRASTRUCTURE opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
Testbed Design and Deployment
- Cyber range Laboratory - Deploys a testbed starting from a YAML file (“infrastructure as a code”) Automatic Testbed Deployment: Cylab
- Cyber range Laboratory - Deploys a testbed starting from a YAML file (“infrastructure as a code”) Automatic Testbed Deployment: Cylab No opennebula provider
- Cyber range Laboratory - Deploys a testbed starting from a YAML file (“infrastructure as a code”) Automatic Testbed Deployment: Cylab No opennebula provider
1. VLANs A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) Testbed Specification
1. VLANs 2. VMs A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) Testbed Specification
1. VLANs 2. VMs A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) +custom init script support (CONTEXT / START_SCRIPT) Testbed Specification
1. VLANs 2. VMs 3. Virtual Routers A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) +custom init script support (CONTEXT / START_SCRIPT) Testbed Specification
1. VLANs 2. VMs 3. Virtual Routers 4. Firewalls A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) +custom init script support (CONTEXT / START_SCRIPT) Testbed Specification
Cylab:Architecture overview
Cylab:Architecture overview
Cylab:Architecture overview
Cylab:Architecture overview service installation
Applications
The infrastructure can support various activitiesApplications: Overview
1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) The infrastructure can support various activitiesApplications: Overview
[ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
[ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
[ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
[ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
[ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation • network hardening • automatic attack path instantiation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
[ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation • network hardening • automatic attack path instantiation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
Applications Dataset Generation
Software agents deployed on the hosts, capturing different behavioral patterns Dataset Generation: benign traffic agents Protocols ▪ HTTP/HTTPS ▪ SSH ▪ SMB ▪ SFTP
Software agents deployed on the hosts, capturing different behavioral patterns Dataset Generation: benign traffic agents Protocols ▪ HTTP/HTTPS ▪ SSH ▪ SMB ▪ SFTP
Malicious activities performed in the testbed, covering a diverse set of attack scenarios. Web attack - Drupal Ransomware Attack (WannaCry) We collected a publicly released dataset containing complete network traces, enriched with labeled features Dataset Generation: cyber attacks
LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic
LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic
LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic For each network to be monitored, OVS port mirroring (SPAN) allows to mirror the traffic from all VM network interfaces toward a specific output port (1 x br x node)
LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic For each network to be monitored, OVS port mirroring (SPAN) allows to mirror the traffic from all VM network interfaces toward a specific output port (1 x br x node)
Information to be gathered from the virtual testbed include: • routing tables • system logs • firewall rules • ACLs from network devices • installed applications (+CVE) • running services • open ports This info is using an out-of-band “management” interface for each machine Data collection: metadata
Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server Ongoing work
Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server ▪ Terraform Integration (opennebula provider) Ongoing work
Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server ▪ Terraform Integration (opennebula provider) Ongoing work fork fork
Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server ▪ Terraform Integration (opennebula provider) Ongoing work fork fork oneuser oneacl onehost onecluster API support still lacking: …
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of Complex Networked Systems - Mara Sorella - Sapienza Univ. of Rome

Recommended

NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10
OpenNebula Project
 
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebula Project
 
NTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do ItNTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do It
OpenNebula Project
 
OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...
OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...
OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...
OpenNebula Project
 
OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...
OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...
OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...
OpenNebula Project
 
[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift
[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift
[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift
OpenStack Korea Community
 
OpenNebula TechDay Boston 2015 - An introduction to OpenNebula
OpenNebula TechDay Boston 2015 - An introduction to OpenNebulaOpenNebula TechDay Boston 2015 - An introduction to OpenNebula
OpenNebula TechDay Boston 2015 - An introduction to OpenNebula
OpenNebula Project
 
Using the KVMhypervisor in CloudStack
Using the KVMhypervisor in CloudStackUsing the KVMhypervisor in CloudStack
Using the KVMhypervisor in CloudStack
ShapeBlue
 

Recommended

NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10
OpenNebula Project
 
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebula Project
 
NTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do ItNTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do It
OpenNebula Project
 
OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...
OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...
OpenNebulaconf2017US: Software defined networking with OpenNebula by Roy Keen...
OpenNebula Project
 
OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...
OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...
OpenNebulaConf2018 - We use OpenNebula everywhere now - Florian Heigl and Tho...
OpenNebula Project
 
[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift
[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift
[OpenStack Day in Korea 2015] Track 2-6 - Apache Tajo on Swift
OpenStack Korea Community
 
OpenNebula TechDay Boston 2015 - An introduction to OpenNebula
OpenNebula TechDay Boston 2015 - An introduction to OpenNebulaOpenNebula TechDay Boston 2015 - An introduction to OpenNebula
OpenNebula TechDay Boston 2015 - An introduction to OpenNebula
OpenNebula Project
 
Using the KVMhypervisor in CloudStack
Using the KVMhypervisor in CloudStackUsing the KVMhypervisor in CloudStack
Using the KVMhypervisor in CloudStack
ShapeBlue
 
Introduction and CloudStack news
Introduction and CloudStack newsIntroduction and CloudStack news
Introduction and CloudStack news
ShapeBlue
 
Applying OpenStack at iNET use case
Applying OpenStack at iNET use caseApplying OpenStack at iNET use case
Applying OpenStack at iNET use case
Vietnam Open Infrastructure User Group
 
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update
OpenStack Korea Community
 
Comparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Comparing IaaS: VMware vs OpenStack vs Google’s GanetiComparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Comparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Giuseppe Paterno'
 
OpenStack and Windows
OpenStack and WindowsOpenStack and Windows
OpenStack and Windows
Alessandro Pilotti
 
CloudStack networking
CloudStack networkingCloudStack networking
CloudStack networking
ShapeBlue
 
CloudStack vs OpenStack
CloudStack vs OpenStackCloudStack vs OpenStack
CloudStack vs OpenStack
Victor Zhang
 
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebula
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebulaOpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebula
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebula
OpenNebula Project
 
CloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack newsCloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack news
ShapeBlue
 
OpenNebula TechDay Waterloo 2015 - Private cloud at black berry
OpenNebula TechDay Waterloo 2015 - Private cloud at black berryOpenNebula TechDay Waterloo 2015 - Private cloud at black berry
OpenNebula TechDay Waterloo 2015 - Private cloud at black berry
OpenNebula Project
 
CloudStack News, Berlin 16 june 2016
CloudStack News, Berlin 16 june 2016CloudStack News, Berlin 16 june 2016
CloudStack News, Berlin 16 june 2016
ShapeBlue
 
CloudStack challenges for China customers
CloudStack challenges for China customersCloudStack challenges for China customers
CloudStack challenges for China customers
gavin_lee
 
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebula Project
 
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebula Project
 
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebula Project
 
DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack
buildacloud
 
dodai_grizzly.pdf
dodai_grizzly.pdfdodai_grizzly.pdf
dodai_grizzly.pdf
OpenStack Foundation
 
Where We're Headed and Where NSX Fits In
Where We're Headed and Where NSX Fits InWhere We're Headed and Where NSX Fits In
Where We're Headed and Where NSX Fits In
Scott Lowe
 
Does Hypervisor matter in OpenStack
Does Hypervisor matter in OpenStackDoes Hypervisor matter in OpenStack
Does Hypervisor matter in OpenStack
Nermina Miller
 
Apache CloudStack at LinuxCon Japan
Apache CloudStack at LinuxCon JapanApache CloudStack at LinuxCon Japan
Apache CloudStack at LinuxCon Japan
Kimihiko Kitase
 
Cloud Foundations: Visibility, Analytics, Security, Programming Models, Runtime
Cloud Foundations: Visibility, Analytics, Security, Programming Models, RuntimeCloud Foundations: Visibility, Analytics, Security, Programming Models, Runtime
Cloud Foundations: Visibility, Analytics, Security, Programming Models, Runtime
Canturk Isci
 
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersNew Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
Iben Rodriguez
 

More Related Content

What's hot

Comparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Comparing IaaS: VMware vs OpenStack vs Google’s GanetiComparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Comparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Giuseppe Paterno'
 
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebula Project
 
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebula Project
 
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebula Project
 

What's hot (20)

Introduction and CloudStack news
Introduction and CloudStack newsIntroduction and CloudStack news
Introduction and CloudStack news
 
Applying OpenStack at iNET use case
Applying OpenStack at iNET use caseApplying OpenStack at iNET use case
Applying OpenStack at iNET use case
 
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update
[OpenStack Day in Korea 2015] Keynote 1 - OpenStack Mission Update
 
Comparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Comparing IaaS: VMware vs OpenStack vs Google’s GanetiComparing IaaS: VMware vs OpenStack vs Google’s Ganeti
Comparing IaaS: VMware vs OpenStack vs Google’s Ganeti
 
OpenStack and Windows
OpenStack and WindowsOpenStack and Windows
OpenStack and Windows
 
CloudStack networking
CloudStack networkingCloudStack networking
CloudStack networking
 
CloudStack vs OpenStack
CloudStack vs OpenStackCloudStack vs OpenStack
CloudStack vs OpenStack
 
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebula
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebulaOpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebula
OpenNebula TechDay Waterloo 2015 - An Introduction to OpenNebula
 
CloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack newsCloudStack EU user group - CloudStack news
CloudStack EU user group - CloudStack news
 
OpenNebula TechDay Waterloo 2015 - Private cloud at black berry
OpenNebula TechDay Waterloo 2015 - Private cloud at black berryOpenNebula TechDay Waterloo 2015 - Private cloud at black berry
OpenNebula TechDay Waterloo 2015 - Private cloud at black berry
 
CloudStack News, Berlin 16 june 2016
CloudStack News, Berlin 16 june 2016CloudStack News, Berlin 16 june 2016
CloudStack News, Berlin 16 june 2016
 
CloudStack challenges for China customers
CloudStack challenges for China customersCloudStack challenges for China customers
CloudStack challenges for China customers
 
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
OpenNebulaConf2018 - UCLouvain Case Study: VDI for 37,000 students with OpenN...
 
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
OpenNebulaConf 2016 - VTastic: Akamai Innovations for Distributed System Test...
 
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
OpenNebulaconf2017US: Vtastic:Akamai innovations for distributed system testi...
 
DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack
 
dodai_grizzly.pdf
dodai_grizzly.pdfdodai_grizzly.pdf
dodai_grizzly.pdf
 
Where We're Headed and Where NSX Fits In
Where We're Headed and Where NSX Fits InWhere We're Headed and Where NSX Fits In
Where We're Headed and Where NSX Fits In
 
Does Hypervisor matter in OpenStack
Does Hypervisor matter in OpenStackDoes Hypervisor matter in OpenStack
Does Hypervisor matter in OpenStack
 
Apache CloudStack at LinuxCon Japan
Apache CloudStack at LinuxCon JapanApache CloudStack at LinuxCon Japan
Apache CloudStack at LinuxCon Japan
 

Similar to OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of Complex Networked Systems - Mara Sorella - Sapienza Univ. of Rome

New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersNew Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
Iben Rodriguez
 
The Art of Cloud Native Defense on Kubernetes
The Art of Cloud Native Defense on KubernetesThe Art of Cloud Native Defense on Kubernetes
The Art of Cloud Native Defense on Kubernetes
Jacopo Nardiello
 
OWASP Québec: Threat Modeling Toolkit - Jonathan Marcil
OWASP Québec: Threat Modeling Toolkit - Jonathan MarcilOWASP Québec: Threat Modeling Toolkit - Jonathan Marcil
OWASP Québec: Threat Modeling Toolkit - Jonathan Marcil
Jonathan Marcil
 
Cisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdfCisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdf
TaherAzzam2
 
Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicro
dvmug1
 
Mini Project- Virtual Network Project
Mini Project- Virtual Network ProjectMini Project- Virtual Network Project
Mini Project- Virtual Network Project
University of Hertfordshire, School of Electronic Communications and Electrical Engineering
 

Similar to OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of Complex Networked Systems - Mara Sorella - Sapienza Univ. of Rome (20)

Cloud Foundations: Visibility, Analytics, Security, Programming Models, Runtime
Cloud Foundations: Visibility, Analytics, Security, Programming Models, RuntimeCloud Foundations: Visibility, Analytics, Security, Programming Models, Runtime
Cloud Foundations: Visibility, Analytics, Security, Programming Models, Runtime
 
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersNew Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
 
Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017
 
Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017Rutgers Cloud Seminar 2017
Rutgers Cloud Seminar 2017
 
Microservices - when, why and how incontrodevops.it
Microservices - when, why and how incontrodevops.itMicroservices - when, why and how incontrodevops.it
Microservices - when, why and how incontrodevops.it
 
Prevention of Vulnerable Virtual Machines against DDOS.pptx
Prevention of Vulnerable Virtual Machines against DDOS.pptxPrevention of Vulnerable Virtual Machines against DDOS.pptx
Prevention of Vulnerable Virtual Machines against DDOS.pptx
 
The Art of Cloud Native Defense on Kubernetes
The Art of Cloud Native Defense on KubernetesThe Art of Cloud Native Defense on Kubernetes
The Art of Cloud Native Defense on Kubernetes
 
Immutable Infrastructure Security
Immutable Infrastructure SecurityImmutable Infrastructure Security
Immutable Infrastructure Security
 
Workshop - Openstack, Cloud Computing, Virtualization
Workshop - Openstack, Cloud Computing, VirtualizationWorkshop - Openstack, Cloud Computing, Virtualization
Workshop - Openstack, Cloud Computing, Virtualization
 
Openstack workshop @ Kalasalingam
Openstack workshop @ KalasalingamOpenstack workshop @ Kalasalingam
Openstack workshop @ Kalasalingam
 
OWASP Québec: Threat Modeling Toolkit - Jonathan Marcil
OWASP Québec: Threat Modeling Toolkit - Jonathan MarcilOWASP Québec: Threat Modeling Toolkit - Jonathan Marcil
OWASP Québec: Threat Modeling Toolkit - Jonathan Marcil
 
Zerovm backgroud
Zerovm backgroudZerovm backgroud
Zerovm backgroud
 
Cisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdfCisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdf
 
Cloud party 2014 - Deploy your infrastructure with Saltstack - Salt Cloud wit...
Cloud party 2014 - Deploy your infrastructure with Saltstack - Salt Cloud wit...Cloud party 2014 - Deploy your infrastructure with Saltstack - Salt Cloud wit...
Cloud party 2014 - Deploy your infrastructure with Saltstack - Salt Cloud wit...
 
Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicro
 
Inherent Security Design Patterns for SDN/NFV Deployments
Inherent Security Design Patterns for SDN/NFV DeploymentsInherent Security Design Patterns for SDN/NFV Deployments
Inherent Security Design Patterns for SDN/NFV Deployments
 
9(1)
9(1)9(1)
9(1)
 
Mini Project- Virtual Network Project
Mini Project- Virtual Network ProjectMini Project- Virtual Network Project
Mini Project- Virtual Network Project
 
Setting up a private cloud for academic environment with OSS by Zoran Pantic ...
Setting up a private cloud for academic environment with OSS by Zoran Pantic ...Setting up a private cloud for academic environment with OSS by Zoran Pantic ...
Setting up a private cloud for academic environment with OSS by Zoran Pantic ...
 
Presentation copy
Presentation copyPresentation copy
Presentation copy
 

More from OpenNebula Project

OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebula Project
 
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebula Project
 
Performant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux WayPerformant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux Way
OpenNebula Project
 

More from OpenNebula Project (20)

OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
 
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
 
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
 
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAFOpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
 
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
 
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
 
Replacing vCloud with OpenNebula
Replacing vCloud with OpenNebulaReplacing vCloud with OpenNebula
Replacing vCloud with OpenNebula
 
OpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISPOpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISP
 
NTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbHNTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbH
 
Performant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux WayPerformant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux Way
 
NetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebulaNetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebula
 
Security for Private Cloud Environments
Security for Private Cloud EnvironmentsSecurity for Private Cloud Environments
Security for Private Cloud Environments
 
CheckPoint R80.30 Installation on OpenNebula
CheckPoint R80.30 Installation on OpenNebulaCheckPoint R80.30 Installation on OpenNebula
CheckPoint R80.30 Installation on OpenNebula
 
DE-CIX: CloudConnectivity
DE-CIX: CloudConnectivityDE-CIX: CloudConnectivity
DE-CIX: CloudConnectivity
 
DDC Demo
DDC DemoDDC Demo
DDC Demo
 
Cloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebulaCloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebula
 
OpenNebula and StorPool: Building Powerful Clouds
OpenNebula and StorPool: Building Powerful CloudsOpenNebula and StorPool: Building Powerful Clouds
OpenNebula and StorPool: Building Powerful Clouds
 
Nested virtualization & PCI pass-through
Nested virtualization & PCI pass-throughNested virtualization & PCI pass-through
Nested virtualization & PCI pass-through
 
A Data Pro - Project Serendipity
A Data Pro - Project Serendipity A Data Pro - Project Serendipity
A Data Pro - Project Serendipity
 
The UNICORE Project: Unikraft and OpenNebula
The UNICORE Project: Unikraft and OpenNebulaThe UNICORE Project: Unikraft and OpenNebula
The UNICORE Project: Unikraft and OpenNebula
 

Recently uploaded

introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
VishalKumarJha10
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Delhi Call girls
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Steffen Staab
 

Recently uploaded (20)

10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 

OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of Complex Networked Systems - Mara Sorella - Sapienza Univ. of Rome

  • 1. Building Virtual Environments for Security Analyses of Complex Networked Systems Mara Sorella, Ph.D. Research center on Cyber Intelligence and Information Security (CIS) Department of Computer, Control and Management Engineering Sapienza University of Rome
  • 2. Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. Introduction
  • 3. Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Introduction
  • 4. Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Need to have a separate, dedicated environment that should be able to: ▪ represent realistic scenarios that fit the security testing objectives ▪ support the definition of new scenarios and cyber threats in a cost and time-effective manner Introduction
  • 5. Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Need to have a separate, dedicated environment that should be able to: ▪ represent realistic scenarios that fit the security testing objectives ▪ support the definition of new scenarios and cyber threats in a cost and time-effective manner Introduction This is typically achieved by instrumenting virtual environments, referred as cyber ranges
  • 6. Starting from the past decade, cyber attacks have become increasingly sophisticated, stealthy, targeted and multi-faceted, featuring zero-day exploits and highly creative interdisciplinary attack methods. A common strategy is trying to play the role of the attacker and stress the network that is aimed to protect. Another key aspect is personnel training. Need to have a separate, dedicated environment that should be able to: ▪ represent realistic scenarios that fit the security testing objectives ▪ support the definition of new scenarios and cyber threats in a cost and time-effective manner Introduction This is typically achieved by instrumenting virtual environments, referred as cyber ranges
  • 8. Our Project: Motivation ▪ Research focus: threat modeling, network hardening algorithms ▪ Goal: test and evaluate our research products in realistic scenarios
  • 9. Our Project: Motivation ▪ Research focus: threat modeling, network hardening algorithms ▪ Goal: test and evaluate our research products in realistic scenarios ▪ Issues very few existing datasets available limited information available typically small scale networks (<10 nodes)
  • 10. Our Project: Motivation ▪ Research focus: threat modeling, network hardening algorithms ▪ Goal: test and evaluate our research products in realistic scenarios ▪ Solution A combination of techniques of network and security assessment, and cloud technologies to enable the deployment of fully virtualized instances of computer networks with high degree of affinity to actual reference scenarios ▪ Issues very few existing datasets available limited information available typically small scale networks (<10 nodes)
  • 21. Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms Virtual Environment Infrastructure: IaaS
  • 22. Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms vendor stacks Virtual Environment Infrastructure: IaaS
  • 23. Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms - Complex, multitiered, vendor-driven - Many subprojects, each with different maturity levels vendor stacks Virtual Environment Infrastructure: IaaS
  • 24. Major open source solutions: OpenNebula vs OpenStack Private cloud management, Infrastructure as a Service platforms - Complex, multitiered, vendor-driven - Many subprojects, each with different maturity levels - Ease of setup and use - free, yet production ready vendor stacks Virtual Environment Infrastructure: IaaS
  • 25. Storage Layer Maintaining VM OS Images (“templates”) repository: distributed/replicated filesystem
  • 26. • Replicated mode: exact copies of the data are maintained on the bricks • Fosters data locality at VM instantiation time Storage Layer Maintaining VM OS Images (“templates”) repository: distributed/replicated filesystem
  • 27. • Replicated mode: exact copies of the data are maintained on the bricks • Fosters data locality at VM instantiation time /Images — GlusterFS mount point, OS images /System — instantiated machines disks /Files & Kernels — plain text files such as scripts OpenNebula Datastores Storage Layer Maintaining VM OS Images (“templates”) repository: distributed/replicated filesystem
  • 28. Inter- and intra- LAN comms, across different physical nodes Virtual switches: OpenVirtualSwitch, Linux Ethernet Bridge • Keeps a MAC database: tap0 — eth0 Network Layer Inter/intra Virtual LAN communications across physical nodes OVS Software implementation of a virtual multilayer network switch
  • 29. Inter- and intra- LAN comms, across different physical nodesNetwork Layer OpenVirtualSwitch: software implementation of a virtual multilayer network switch also enables efficient data collection at the bridge level SPAN (Switched Port Analyzer)
  • 32. server 1 server 2 … server n Virtual Infrastructure: Overview
  • 33. server 1 server 2 … server n oned (master) Virtual Infrastructure: Overview
  • 34. server 1 server 2 … server n opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 35. server 1 server 2 … server n opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 36. switch (backbone) server 1 server 2 … server n opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 37. switch (backbone) server 1 server 2 … server n br1 br2 br3 opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 38. switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 39. firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 40. firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 41. firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 42. firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) EMULATION ENVIRONMENT INFRASTRUCTURE opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 43. firewall switch (backbone) server 1 server 2 … server n br1 br2 br3 switch (service) VIRTUAL TESTBED EMULATION ENVIRONMENT INFRASTRUCTURE opennebula-kvm opennebula-kvmoned (master) Virtual Infrastructure: Overview
  • 44. Testbed Design and Deployment
  • 45. - Cyber range Laboratory - Deploys a testbed starting from a YAML file (“infrastructure as a code”) Automatic Testbed Deployment: Cylab
  • 46. - Cyber range Laboratory - Deploys a testbed starting from a YAML file (“infrastructure as a code”) Automatic Testbed Deployment: Cylab No opennebula provider
  • 47. - Cyber range Laboratory - Deploys a testbed starting from a YAML file (“infrastructure as a code”) Automatic Testbed Deployment: Cylab No opennebula provider
  • 48. 1. VLANs A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) Testbed Specification
  • 49. 1. VLANs 2. VMs A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) Testbed Specification
  • 50. 1. VLANs 2. VMs A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) +custom init script support (CONTEXT / START_SCRIPT) Testbed Specification
  • 51. 1. VLANs 2. VMs 3. Virtual Routers A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) +custom init script support (CONTEXT / START_SCRIPT) Testbed Specification
  • 52. 1. VLANs 2. VMs 3. Virtual Routers 4. Firewalls A text-only configuration file (YAML representation) A Testbed “spec” A text-only configuration file (YAML representation) +custom init script support (CONTEXT / START_SCRIPT) Testbed Specification
  • 58. The infrastructure can support various activitiesApplications: Overview
  • 59. 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) The infrastructure can support various activitiesApplications: Overview
  • 60. [ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
  • 61. [ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
  • 62. [ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
  • 63. [ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
  • 64. [ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation • network hardening • automatic attack path instantiation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
  • 65. [ICDCN ‘19] Tanasache, Sorella, Bonomi, Rapone, Meacci. Building an emulation environment for cyber security analyses of complex networked systems 1. Cyber-range deployment for security training and testing • cyber security scenario awareness • incident management (detection, investigation, response) 2. Dataset generation 3. Threat modeling & risk management • dynamic attack graph generation • network hardening • automatic attack path instantiation The infrastructure can support various activities case study [ICDCN ‘19] Applications: Overview
  • 67. Software agents deployed on the hosts, capturing different behavioral patterns Dataset Generation: benign traffic agents Protocols ▪ HTTP/HTTPS ▪ SSH ▪ SMB ▪ SFTP
  • 68. Software agents deployed on the hosts, capturing different behavioral patterns Dataset Generation: benign traffic agents Protocols ▪ HTTP/HTTPS ▪ SSH ▪ SMB ▪ SFTP
  • 69. Malicious activities performed in the testbed, covering a diverse set of attack scenarios. Web attack - Drupal Ransomware Attack (WannaCry) We collected a publicly released dataset containing complete network traces, enriched with labeled features Dataset Generation: cyber attacks
  • 70. LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic
  • 71. LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic
  • 72. LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic For each network to be monitored, OVS port mirroring (SPAN) allows to mirror the traffic from all VM network interfaces toward a specific output port (1 x br x node)
  • 73. LAN1 LAN2 br1 br1 LAN3 br2 br2 LAN1 Data collection: network traffic For each network to be monitored, OVS port mirroring (SPAN) allows to mirror the traffic from all VM network interfaces toward a specific output port (1 x br x node)
  • 74. Information to be gathered from the virtual testbed include: • routing tables • system logs • firewall rules • ACLs from network devices • installed applications (+CVE) • running services • open ports This info is using an out-of-band “management” interface for each machine Data collection: metadata
  • 75. Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server Ongoing work
  • 76. Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server ▪ Terraform Integration (opennebula provider) Ongoing work
  • 77. Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server ▪ Terraform Integration (opennebula provider) Ongoing work fork fork
  • 78. Toward a flexible and fully automated testbed ▪ Service + host behavior on-demand installation Ansible server + Catalog server ▪ Terraform Integration (opennebula provider) Ongoing work fork fork oneuser oneacl onehost onecluster API support still lacking: …