Security and performance are critical goals for distributed systems. The increased design complexity, incomplete expertise of developers, and limited functionality of existing testing tools often result in bugs and vulnerabilities that prevent implementations from achieving their design goals in practice. Many of these bugs, vulnerabilities, and misconfigurations manifest after the code has already been deployed making the debugging process difficult and costly. In order to understand the limitations and increase the robustness of distributed services and network protocols there is benefit in performing adversarial testing. Adversarial testing subjects implementations to testing beyond their basic functionality by stressing the system and ultimately performing destructive testing.
We introduce Turret a platform that provides support for automated adversarial testing for message-passing distributed systems and network protocols. The platform uses a network emulator to create reproducible network conditions and virtualization to run unmodified binaries of the target system. The platform requires the user to provide a description of the protocol messages and corresponding performance metrics. Turret supports distributed services such as intrusion-tolerant replication, application-layer multicast, and routing protocols, running in both wired and wireless networks. We applied Turret to 5 distributed systems and 5 wireless routing protocols and found a total of 70 attacks and bugs. We also discuss how we used Turret as an automated Red Team for our own protocols, and as a testing and grading environment for the distributed systems class at Purdue University.
Speaker Biography
Cristina Nita-Rotaru is an Associate Professor in the Department of Computer Science at Purdue University where she established the Dependable and Secure Distributed Systems Laboratory (DS2), and is a member of the Center for Education and Research in Information Assurance and Security (CERIAS). Her research lies at the intersection of information security, distributed systems, and computer networks. The overarching goal of her work is designing and building practical distributed systems and network protocols that are robust to failures and attacks while coping with the resource constraints existent in computing systems and networks.
Cristina Nita-Rotaru is a recipient of the NSF Career Award in 2006. She is also a recipient of the Purdue Teaching for Tomorrow Award in 2007, Purdue Excellence in Research Award, Seeds for Success in 2012, Purdue College of Science Research Award in 2013. She has served on the Technical Program Committee of numerous conferences in security, networking, and distributed systems. She served as an Assistant Director for CERIAS (2011 - 2013). She was an Associate Editor for Elsevier Computer Communications (2008 - 2011), Elsevier Computer Networks (2012 - 2014), IEEE Transactions on Computers (2011 - 2014), and ACM Transactions on Information Systems Security (2009 - 2013). She is currently an Associate Editor for IEEE Transactions on Mobile Computing and IEEE Transactions on Dependable and Secure Systems.