A Platform for Automated Attack Finding in Unmodified Distributed System Implementations

Turret_IMG Turret is a tool for automatically finding performance attacks in distributed systems implementations.

We aim to allow users to find possible performance attacks from unmodified distributed implementations without requiring a priori knowledge about possible vulnerabilities in the system. Turret uses virtual machines and network emulation to confine an entire distributed system in one machine and injects attacks, using components we call malicious proxy, and evaluates performance to verify effectiveness of attacks.

Turret does not require malicious implementation. The user can specifiy one or more nodes to be malicious. When a malicious node sends a message, a malicious proxy corresponing to the node intercepts packets in the network emulator and inject malicious actions to immitate an insider attacker. In normal(brute-force) mode, Turret's strategy generator crafts attack strategies and the controller executes the generates strategies. Finally Turret will evaluate performance and report the user what are successful attacks.


Turret: A Platform for Automated Attack Finding in Unmodified Distributed System Implementations Hyojeong Lee, Md. Endadul Hoque, Jeff Seibert, Charles Killian, and Cristina Nita-Rotaru. 34th International Conference on Distributed Computing Systems (ICDCS), Jun. 2014(To appear)

Adversarial Testing of Wireless Routing Implementations Md. Endadul Hoque, Hyojeong Lee, Rahul Potharaju, Charles Killian, and Cristina Nita-Rotaru. In Proceedings of 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks , Budapest, Hungary, Apr. 2013



The turret manual is avaialbe online:


Source tarball



We provide SimpleNTP, a distributed system that we used as an example in the tutorial: userfiles.tar.gz

VM Image

The sample application will be run within the provided a virtual machine; You should build your applicaiton under the given VM or the compatible envrionment:



Charles Killian
Cristina Nita-Rotaru


Hongjun Choi
Endadul Hoque


Hyojeong Lee
Jeffrey Seibert

Dependable and Secure Distributed Systems Lab.
CS Department, Purdue University