Publications by the DETERLab Community

The DETERLab community has published various papers detailing work at least in part enabled by DETERLab. You can view peer-reviewed publications, other publications, theses, student projects and press articles below.

Peer-reviewed Publications

2017

  • Characterization and Comparison of DDoS Attack Tools and Traffic Generators - A Review. Sunny Behal and Krishan Kumar Saluja. Article in International Journal of Network Security 19(3):383-393, DOI: 10.6633/IJNS.201703.19(3).07), April 2017.

2016

2015

  • Cyber Security Teaching and Learning Laboratories: A Survey. Luke Topham, Kashif Kifayat, Younis A. Younis, Qi Shi, and Bob Askwith. Published in Information & Security: An International Journal, Vol. 35, December 2015.
  • Using the Cloud to Teach Computer Networks. Khaled Salah and M. Bazzaza. In Proceedings of the 8th IEEE/ACM International Conference on Utility and Cloud Computing (UCC '15), St. Raphael Resort, Limassol, Cyrus, December 2015.
  • Towards a Self-Adaptive Middleware for Building Reliable Publish/Subscribe Systems. Sisi Duan, Jingtao Sun, and Sean Peisert. Published in Internet and Distributed Computing Systems, Lecture Notes in Computer Science, Vol. 9258 2015, Springer International Publishing, (proceedings of) 8th International Conference, IDCS 2015, Windsor, United Kingdom, September 2-4, 2015.
  • Teaching Cybersecurity using the Cloud. Khaled Salah, Mohammad Hammoud, and Sherali Zeadally. In the Preprint/Early Access section in IEEEXplore, IEEE Transactions on Learning Technologies, Vol. 8., Issue No. 4, pp. 383-392, October - December 2015.
  • Metrics for V&V of Cyber Defenses. Martin S. Feather, Joel M. Wilf, and Joseph Priest. Published in Innovations in Systems and Software Engineering: A NASA Journal, Springer-Verlag London, October 2015.
  • Requirements and Challenges for Buidling a National Open Security Lab. Izzat M. Alsmadi, Mohammed N. Al-Kabi, and Emad Abu-Shanab. In Proceedings of the First Summit on Countering Cyber Crimes, Naif Arab University for Security Sciences, Riyadh, Kingdom of Saudi Arabia, October 2015.
  • Analyzing the Cyber-Physical Impact of Cyber Events on the Power Grid. Ren Liu, Ceeman Vellaithurai, Saugata S. Biswas, Thoshitha T. Gamage, and Anurag K. Srivastava. Published in IEEE Transactions on Smart Grid, Vol. 6, No. 5, pp. 2444-2453, September 2015.
  • Towards a Self-Adaptive Middleware for Building Reliable Publish/Subscribe Systems. Sisi Duan, Jingtao Sun, and Sean Peisert. In Proceedings of the 8th International Conference of Internet and Distributed Computing Systems (IDCS), Berkshire, United Kingdom, Springer, pp. 157-168, DOI: 10.1007/978-3-319-23237-9_14, September 2015.
  • KYPO: A Tool for Collaborative Study of Cyberattacks in Safe Cloud Environment. Zdenek Eichler, Radek Ošlejšek, and Dalibor Toth. Published in Human Aspects of Information Security, Privacy and Trust, Volume 9190 of the series Lecture Notes in Computer Science, pp. 190-199, July 2015.
  • Timed Consistent Network Updates. Tal Mizrahi, Efi Saat, and Yoram Moses. In Proceedings of the ACM SIGCOMM Symposium on SDN Research (SOSR '15), Santa Clara, California, June 2015.
  • Riposte: An Anonymous Messaging System Handling Millions of Users. Henry Corrigan-Gibbs, Dan Boneh, and David Mazières. In Proceedings of the 36th IEEE Symposium on Security and Privacy, The Fairmont, San Jose, California, May 2015.
  • Tor Experimentation Tools. Fatemeh Shirazi, Matthias Goehring, and Claudia Diaz. In Proceedings of the 2015 IEEE Security and Privacy Workshops (SPW '15), pp. 206-213, San Jose, California, May 2015.
  • An Effective Git and Org-Mode Based Workflow For Reproducilbe Research. Luka Stanisic, Arnaud Legrand, and Vincent Danjean. Published in ACM SIGOPS: Operating Systems Review, Vol. 49, pp. 61-70, January 2015.

2014

  • TESTREX: a Testbed for Repeatable Exploits. Stanislav Dashevskyi, Daniel Ricardo dos Santos, Fabio Massacci, and Antonino Sabetta. In Proceedings of the 7th Workshop on Cyber Security Experimentation and Test (CSET '14), San Diego, California, August 2014.
  • DCAFE: A Distributed Cyber Security Automation Framework for Experiments. George Rush, Daniel R. Tauritz, and Alexander D. Kent. In Proceedings of the IEEE 38th Annual International Computers, Software and Applications Conference Workshops (COMPSACW), pp. 134-139, Vasteras, Sweden, July 2014.
  • Firecycle: A Scalable Test Bed for Large-Scale LTE Security Research. Jill Jermyn, Roger Piqueras Jover, Mikhail Istomin, and Ilona Murynets. In Proceedings of the IEEE International Conference on Communications (IEEE ICC '14), Sydney Australia, June 2014.
  • Greenbench: A Benchmark for Observing Power Grid Vulnerability Under Data-Centric Threats. Mingkui Wei and Wenye Wang. In Proceedings of the 2014 IEEE Infocom - International Conference on Computer Communications, Toronto, Canada, April 27 - May 2, 2014.
  • Cyber Defense of Space-Based Assets: Verifying and Validating Defensive Designs and Implementations. DJ Byrne, David Morgan, Kymie Tan, Bryan Johnson, and Chris Dorros. In Proceedings of the 2014 Conference on Systems Engineering Research (CSER '14), Redondo Beach, California, March 2014.
  • Harnessing the Cloud for Teaching Cybersecurity. Khaled Salah. In Proceedings of the 45th ACM Technical Symposium on Computer Science Education (SIGCSE '14), Atlanta, Georgia, March 2014.
  • A Framework for Generating Realistic Traffic for Distributed Denial-of-Service Attacks and Flash Events. Sajal Bhatia, Desmond Schmidt, George Mohay, and Alan Tickle. Published in Computers and Security Journal, Volume 40, pp. 95-107, February 2014.
  • User Traffic Profile for Traffic Reduction and Effective Bot C&C Detection. Soniya Balram and M. Wilsey. In the International Journal of Network Security, Vol. 16, No. 1, pp. 37-43, January 2014.

2013

2012

2011

2010

2009

2008

  • On the Impacts of Low Rate DoS Attacks on VoIP Traffic. A. Shevtekar, J. Stille and N. Ansari. In Wiley Security and Communication Networks, Vol. 1, No. 1, pp. 45-56, January - February 2008.
  • A Model of the Spread of Randomly Scanning Internet Worms that Saturate Access Links. G. Kesidis, I. Hamadeh, Y. Jin, S. Jiwasurat and M. Vojnovic. In ACM Transactions on Modeling and Computer Simulation (TOMACS), Vol. 18, Issue 2, April 2008.
  • SWOON: A Testbed for Secure Wireless Overlay Networks. Y.L. Huang, J.D. Tygar, H.Y. Lin, L.Y. Yeh, H.Y. Tsai, K. Sklower, S.P. Shieh, C.C. Wu, P.H. Lu, S.Y. Chien, Z.S. Lin, L.W. Hsu, C.W. Hsu, C.T. Hsu, Y.C. Wu and M.S. Leong. In Proceedings of the CyberSecurity Experimentation and Test (CSET) Workshop, July 2008.
  • To Filter or to Authorize: Network-Layer DoS Defense Against Multimillion-node Botnets. Xin Liu, Xiaowei Yang and Yanbin Lu. In ACM SIGCOMM, August 2008.
  • Fidelity of Network Simulation and Emulation: A Case Study of TCP-Targeted Denial of Service Attacks. Roman Chertov, Sonia Fahmy and Ness B. Shroff. In ACM Transactions on Modeling and Computer Simulation (TOMACS), Vol. 19, Issue 1, pp. 4:1-4:29, December 2008.
  • Mencius: Building Efficient Replicated State Machines for WANs. Yanhua Mao, Flavio P. Junqueira and Keith Marzull. In Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation (OSDI '08), San Deigo, California, December 2008.
  • BitBlaze: A New Approach to Computer Security via Binary Analysis. Dawn Song, David Brumley, Heng Yin, Juan Caballero, Ivan Jager, Min Gyung Kang, Zhenkai Liang, James Newsome, Pongsin Poosankam and Prateek Saxena. In Proceedings of the 4th International Conference on Information Systems Security, Keynote Invited Paper, December 2008.
  • TVA: a DoS-limiting Network Architecture. Xiaowei Yang, David Wetherall and Tom Anderson. In IEEE/ACM Transactions on Networking (ToN), Vol. 16, Issue 6, December 2008.
  • Passport: Secure and Adoptable Source Authentication. Xin Liu, Ang Li, Xiaowei Yang and David Wetherall. In Proceedings of USENIX/ACM Symposium on Networked Systems Design and Implementation, 2008.

2007

  • Renovo: A Hidden Code Extractor for Packed Executables. Min Gyung Kang, Pongsin Poosankam and Heng Yin. In ACM Conference on Computer and Communications Security (CCS), November 2007.
  • Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis. Heng Yin, Dawn Song, Manuel Egele, Engin Kirda and Christopher Kruegel. In Proceedings of ACM Conference on Computer and Communications Security (CCS), October 2007.
  • The Shunt: An FPGA-Based Accelerator for Network Intrusion Prevention. Nicholas Weaver, Vern Paxson and Jose M. Gonzalez. In ACM/SIGDA International Symposium on Field Programmable Gate Arrays (FPGA), February 2007.
  • DDoS Benchmarks and Experimenter's Workbench for the DETER Testbed. Jelena Mirkovic, Songjie Wei, Alefiya Hussain, Brett Wilson, Roshan Thomas, Stephen Schwab, Sonia Fahmy, Roman Chertov and Peter Reiher. In Proceedings of Tridentcom (International Conference on Testbeds and Research Infrastructures for the Development of Networks & Communities), May 2007.
  • CLID: A general approach to validate security policies in a dynamic network. Yanyan Yang, C. Martel and S. F. Wu. In 10th IFIP/IEEE International Symposium on Integrated Network Management, May 2007.
  • Collaborative Detection of DDoS Attacks over Multiple Network Domains. Yu Chen, Kai Hwang and Wei-Shinn Ku. In IEEE Transactions on Parallel and Distributed Systems, June 2007.
  • SEER: A Security Experimentation EnviRonment for DETER. Stephen Schwab, Brett Wilson, Calvin Ko and Alefiya Hussain. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
  • A Hypervisor Based Security Testbed. Dan Duchamp and Greg DeAngelis. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
  • Automating DDoS Experimentation. Jelena Mirkovic, Brett Wilson, Alefiya Hussain, Sonia Fahmy, Peter Reiher, Roshan Thomas and Stephen Schwab. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
  • Evaluation of collaborative worm containments on DETER testbed. L. Li, P. Liu, Y.C. Jhi and G. Kesidis. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
  • Design and Implementation of an Isolated Sandbox with Mimetic Internet Used to Analyze Malwares. Shinsuke Miwa, Toshiyuki Miyachi, Masashi Eto, Masashi Yoshizumi and Yoichi Shinoda. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
  • Distributed Change-Point Detection of DDoS Attacks: Experimental Results on DETER Testbed. Yu Chen, Kai Hwang and Wei-Shinn Ku. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
  • Dependency-based Distributed Intrusion Detection. Ji Li, Dah-Yoh Lim and Karen Sollins. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
  • Stress Testing Cluster Bro. Nicholas Weaver and Robin Sommer. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
  • A Plan for Malware Containment in the DETER Testbed. Ron Ostrenga, Stephen Schwab and Robert Braden. In Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007.
  • When is Service Really Denied? A User-Centric DoS Metric. Jelena Mirkovic, Alefiya Hussain, Brett Willson, Sonia Fahmy, Wei-Min Yao, Peter Reiher, Stephen Schwab and Roshan Thomas. In Proceedings of the 2007 ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems, pp. 357-358, 2007.
  • Towards User-Centric Metrics for Denial-Of-Service Measurement. Jelena Mirkovic, Alefiya Hussain, Brett Wilson, Sonia Fahmy, Peter Reiher, Roshan Thomas, Wei-Min Yao and Stephen Schwab. In Proceedings of the 2007 Workshop on Experimental Computer Science, 2007.
  • Very Fast Containment of Scanning Worms, Revisited. Nicholas Weaver, Stuart Staniford and Vern Paxson. In Malware Detection, Springer Verlag, Vol. 27, pp. 113-145, 2007.

2006

2005

2004

  • Cyber defense technology networking and evaluation. R. Bajcsy, T. Benzel, M. Bishop, B. Braden, C. Brodley, S. Fahmy, S. Floyd, W. Hardaker, A. Joseph, G. Kesidis, K. Levitt, B. Lindell, P. Liu, D. Miller, R. Mundy, C. Neuman, R. Ostrenga, V. Paxson, P. Porras, C. Rosenberg, J. D. Tygar, S. Sastry, D. Sterne and S. F. Wu. In Communications of the ACM, Special issue on Emerging Technologies for Homeland Security, Vol. 47, Issue 3, pp. 58-61, March 2004.
  • A hybrid quarantine defense. P. Porras, L. Biesemeister, K. Levitt, J. Rowe, K. Skinner and A. Ting. In Proceedings of ACM WORM, Washington, DC, October 2004.
  • Combining visual and automated data mining for near-real-time anomaly detection and analysis in BGP. S.T. Teoh, K. Zhang, S.-M. Tseng, K.-L. Ma and S. F. Wu. In Proceedings of ACM VizSEC/CMSEC-04, Washington, DC, October 2004.
  • Preliminary results using scale-down to explore worm dynamics. Nicholas Weaver, Ihab Hamadeh, George Kesidis and Vern Paxson. In Proceedings of the 2004 ACM workshop on Rapid malcode, pp. 65-72, 2004.

Other Publications

2013

2012

2009

2008

2007

2006

2002

MS and PhD Theses

2013

2012

2011

2010

2009

  • Detecting Anomalous Internet Clients with Behavior Profiles and Reputations. Songjie Wei. PhD Thesis, University of Delaware, Newark, Delaware, January 2009.

2008

2007

2006

Student Projects

2008

  • On the Impacts of Low Rate DoS Attacks on VoIP Traffic. J. Stille. Undergraduate Project, New Jersey Institute of Technology, 2008.

2007

  • Implementing RoQ (Reduction of Quality) attack mitigation system on DETERlab. Cynthia Haidar. Undergraduate Summer Intern Project, Lebanese American University, Beirut, 2007.

In the Press

2009