A Platform for Automated Attack Finding in Unmodified Distributed System Implementations
Turret is a tool for automatically finding performance attacks in distributed systems implementations.
We aim to allow users to find possible performance attacks from unmodified distributed implementations without requiring a priori knowledge about possible vulnerabilities in the system. Turret uses virtual machines and network emulation to confine an entire distributed system in one machine and injects attacks, using components we call malicious proxy, and evaluates performance to verify effectiveness of attacks.
Turret does not require malicious implementation. The user can specifiy one or more nodes to be malicious. When a malicious node sends a message, a malicious proxy corresponing to the node intercepts packets in the network emulator and inject malicious actions to immitate an insider attacker. In normal(brute-force) mode, Turret's strategy generator crafts attack strategies and the controller executes the generates strategies. Finally Turret will evaluate performance and report the user what are successful attacks.
Turret: A Platform for Automated Attack Finding in Unmodified Distributed System Implementations Hyojeong Lee, Md. Endadul Hoque, Jeff Seibert, Charles Killian, and Cristina Nita-Rotaru. 34th International Conference on Distributed Computing Systems (ICDCS), Jun. 2014(To appear)
Adversarial Testing of Wireless Routing Implementations Md. Endadul Hoque, Hyojeong Lee, Rahul Potharaju, Charles Killian, and Cristina Nita-Rotaru. In Proceedings of 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks , Budapest, Hungary, Apr. 2013
The turret manual is avaialbe online:
- Installation Guide [html] [pdf]
- Turret User's Guide [html] [pdf]
- Tutorial with a Sample Application [html] [pdf]
We provide SimpleNTP, a distributed system that we used as an example in the tutorial: userfiles.tar.gz
The sample application will be run within the provided a virtual machine; You should build your applicaiton under the given VM or the compatible envrionment:
- KVM image: ubuntu-11.10-master.qcow2 (Download QEMU)
- VMware image: ubuntu-11.10-master.vmdk (Download VMware Player)
- System Information
- Ubuntu-11.10 (oneiric)
- Linux version 3.0.0-12-server (buildd@crested)
- gcc version 4.6.1 (Ubuntu/Linaro 4.6.1-9ubuntu3)