Risk
1/14/2011
03:07 PM
50%
50%

DHS Invests $16M In Cybersecurity Testbed

The DETECT project will make improvements over the next five years to the Information Sciences Institute's DETERLab at the University of Southern California.

Inside DHS' Classified Cyber-Coordination Headquarters
(click image for larger view)
Slideshow: Inside DHS' Classified Cyber-Coordination Headquarters

The Department of Homeland Security (DHS) will invest 16 million over the next five years to expand a cybersecurity testbed at the University of Southern California (USC).

The new project, DETECT, will make improvements to USC's Information Sciences Institute's existing DETERlab, which provides an isolated 400-node mini-Internet hosted by USC and the University of California Berkeley that security researchers use to simulate the real Internet.

DETERlab is based upon a mesh of clusters of experimental nodes, each one based on the University of Utah's Emulab hardware and software, according to a white paper on the design of the testbed published online. In addition to support from the DHS, the National Science Foundation also provides funding for DETERlab.

Researchers from around the world use the testbed as a safe, controlled environment to investigate malware and other security threats without danger of infecting the actual Internet. DETERLab also is used in computer-security classroom exercises for 400 students in 10 universities and colleges.

DETECT will expand the capability of DETERlab through the development and support of new methodologies and tools for advanced cyber security research, experimentation and testing, according to USC.

DETECT also will aim to foster a cyber research community by helping other cybersecurity research sites use the DETERlab software system, according to USC. Ultimately, the plan for the project is to create an interconnected cybersecurity testbed system that can be accessed and use across academic institutions, industries, and government agencies.

Some of that community outreach has already begun. In November, the Cyber Security and Information Assurance (CSIA) Interagency Networking and Information Technology Research and Development (NITRD) working group- a collaboration of more than a dozen federal research and development agencies -- endorsed the DETER cyber science framework.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-4467
Published: 2015-01-30
WebKit, as used in Apple iOS before 8.1.3, does not properly determine scrollbar boundaries during the rendering of FRAME elements, which allows remote attackers to spoof the UI via a crafted web site.

CVE-2014-4476
Published: 2015-01-30
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulner...

CVE-2014-4477
Published: 2015-01-30
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulner...

CVE-2014-4479
Published: 2015-01-30
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulner...

CVE-2014-4480
Published: 2015-01-30
Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple TV before 7.0.3 allows attackers to access unintended filesystem locations by creating a symlink.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
If you’re a security professional, you’ve probably been asked many questions about the December attack on Sony. On Jan. 21 at 1pm eastern, you can join a special, one-hour Dark Reading Radio discussion devoted to the Sony hack and the issues that may arise from it.