DETERLab and the DETER Project

  • John WroclawskiEmail author
  • Terry Benzel
  • Jim Blythe
  • Ted Faber
  • Alefiya Hussain
  • Jelena Mirkovic
  • Stephen Schwab


This chapter describes the DETER Project and its centerpiece facility DETERLab. DETERLab is a large-scale, shared, and open modeling, emulation, and experimentation facility for networked systems, developed and operated as a national resource for cyber-security experimentation. The Project itself has three major components:


Resource Provider Access Control Policy Physical Machine Container Type Phasor Measurement Unit 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Kessler, G.C.: Defenses against distributed denial of service attacks. Available at Also included in Bosworth, S., Kabay, M.E., Whyne, E. (eds.) Computer Security Handbook. John Wiley & Sons, March 2014
  2. 2.
    Hardaker, W., Kindred, D., Ostrenga, R., Sterne, D., Thomas, R.: Justification and requirements for a national DDoS defense technology evaluation facility. NAL Report #02-052, Network Associates Laboratories, Rockville, MD, July 2002Google Scholar
  3. 3.
    NSF workshop on network research testbeds. Workshop Report, October 2002.
  4. 4.
    Balenson, D., Tinnel, L., Benzel, T.: Cybersecurity experimentation of the future (CEF): catalyzing a new generation of experimental cybersecurity research. Available at
  5. 5.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. In: Proceedings of the 13th USENIX Security Symposium, August 2004Google Scholar
  6. 6.
    Ostrenga, R., Schwab, S., Braden, R.: A Plan For Malware Containment In The DETER testbed. In: Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007
  7. 7.
    Lockwood, J.W., McKeown, N., Watson, G., Gibb, G., Hartke, P., Naous, J., Raghuraman, R., Luo, J.: NetFPGA—an open platform for gigabit-rate network switching and routing, MSE 2007, San Diego, June 2007. Further information available at
  8. 8.
    Pfaff, B., Pettit, J., Koponen, T., Jackson, E.J., Zhou, A., Rajahalme, J., Gross, J., Wang, A., Stringer, J., Shelar, P., Amidon, K., Casado, M.: The design and implementation of open vSwitch. In: Proceedings of the 12th USENIX Symposium on Networked Systems Design and Implementation (NSDI 2015), Oakland, CA, 4–6 May 2015Google Scholar
  9. 9.
    Benzel, T., Braden, B., Faber, T., Mirkovic, J., Schwab, S., Sollins, K., Wroclawski, J.: Current developments in DETER cybersecurity testbed technology. In: Proceedings of the Cyber Security Applications & Technology Conference for Homeland Security (CATCH 2009), March 2009Google Scholar
  10. 10.
    Benzel, T.: The science of cyber-security experimentation: the DETER project. In: Proceedings of the Annual Computer Security Applications Conference (ACSAC) ‘11, Orlando, FL, December 2011Google Scholar
  11. 11.
    Benzel, T., Wroclawski, J.: The DETER project: towards structural advances in experimental cybersecurity research and evaluation. J. Inform. Process. 20(4), 824–834 (2012)CrossRefGoogle Scholar
  12. 12.
    Mirkovic, J.: Benzel, T.V., Faber, T., Braden, R., Wroclawski, J.T., Schwab, S. The DETER project: advancing the science of cyber security experimentation and test. In: Proceedings of the IEEE HST '10 Conference, Waltham, MA, November 2010Google Scholar
  13. 13.
    Benzel, T., Braden, R., Kim, D., Joseph, A., Neuman, C., Ostrenga, R., Schwab, S., Sklower, K.: Design, deployment, and use of the DETER testbed. In: Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007Google Scholar
  14. 14.
    Faber, T., Ryan, M.: Building apparatus for multi-resolution networking experiments using containers. ISI Technical Report ISI-TR-683 (2011)Google Scholar
  15. 15.
    Faber, T., Wroclawski, J., Lahey, K.: A DETER federation architecture. In: Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007Google Scholar
  16. 16.
    Faber, T., Wroclawski, J.: A federated experiment environment for Emulab-based testbeds. In: Proceedings of Tridentcom (2009)Google Scholar
  17. 17.
    Mirkovic, J., Sollins, K., Wroclawski, J.: Managing the health of security experiments. In: Proceedings of the Cyber security Experimentation and Test (CSET) Workshop, July 2008Google Scholar
  18. 18.
    Schwab, S., Wilson, B., Ko, C., Hussain, A.: SEER: a security experimentation environment for DETER. In: Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test, August 2007Google Scholar
  19. 19.
    Viswanathan, A., Hussein, A., Mirkovic, J., Schwab, S., Wroclawski, J.: A semantic framework for data analysis in networked systems. In: Proceedings of the 8th USENIX Symposium on Networked Systems Design and Implementation, NSDI, April 2011Google Scholar
  20. 20.
    Wroclawski, J., Mirkovic, J., Faber, T., Schwab, S.: A two-constraint approach to risky cyber security experiment management. Invited paper at the Sarnoff Symposium, April 2008Google Scholar
  21. 21.
    Lahey, K., Braden, R., Sklower, K.: Experiment isolation in a secure cluster testbed. In: Proceedings of the Cyber security Experimentation and Test (CSET) Workshop, July 2008 Google Scholar
  22. 22.
    White, B., Lepreau, J., Stoller, L., Ricci, R., Guruprasad, S., Newbold, M., Hibler, M., Barb, C., Joglekar, A.: An integrated experimental environment for distributed systems and networks. In: Proceedings of the 5th Symposium on Operating Systems Design & Implementation, pp.255–270, December 2002Google Scholar
  23. 23.
    Bellard, F.: QEMU, a fast and portable dynamic translator. In: Proceedings of the USENIX 2005 Annual Technical Conference, April 2005, pp. 41–46Google Scholar
  24. 24.
    OpenVZ Containers Website,
  25. 25.
    Gardenghi, L., Goldweber, M., Davoli, R.: View-OS: a new unifying approach against the global view assumption. Lecture Notes in Computer Science, vol. 5101/2008, Computational Science—ICCS 2008. Further information available at
  26. 26.
    Faber, T., Schwab, S., Wroclawski, J.: Authorization and access control: ABAC. In: The GENI Book, Springer International Publishing Switzerland, 2016, doi:10.1007/978-3-319-33769-2_10Google Scholar
  27. 27.
    Ansible Documentation., version of January 2016.
  28. 28.
    Chef Documentation., version of January 2016
  29. 29.
    Fabric Documentation., version of January 2016
  30. 30.
    Pupper Documentation,, version of January 2016
  31. 31.
    Bratman, M.: Intention, plans, and practical reason (1987)Google Scholar
  32. 32.
    Johnson-Laird, P.: Mental models (1983)Google Scholar
  33. 33.
    Wash, R.: Folk models of home computer security. In: Proceedings of the Sixth Symposium on Usable Privacy and Security (SOUPS) (2010)Google Scholar
  34. 34.
    Stanovich, K.E.: Who is Rational? Studies of Individual Differences in Reasoning. Psychology Press, Hove (1999)Google Scholar
  35. 35.
    Blythe, J., Camp, J.L.: Implementing mental models. In: Proceedings of IEEE Symposium Security and Privacy Workshops (SPW), pp. 86–90 (2012)Google Scholar
  36. 36.
    Blythe, J.: A dual-process cognitive model for testing resilient control systems. In: Proceedings of Resilient Control Systems (ISRCS), 2012 5th International Symposium, 2012Google Scholar
  37. 37.
    Kothari, V., Blythe, J., Smith, S., Koppel, R.: Agent-based modeling of user circumvention of security. In: Proceedings of the 1st International Workshop on Agents and CyberSecurity (2014)Google Scholar
  38. 38.
    Blythe, J., Koppel, R., Smith, S.W.: Circumvention of security: good users do bad things. IEEE Security & Privacy 11(5), 80–83 (2013)CrossRefGoogle Scholar
  39. 39.
    Presidential Innovation Fellows Program,, version of October 2015
  40. 40.
    Baldin, I., Chase, J., Xin, Y., Mandal, A., Ruth, P., Castillo, C., Orlikowski, V., Heermann, C., Mills, J.: ExoGENI: a multi-domain infrastructure-as-a-service testbed. In: GENI: Prototype of the Next Internet. Springer (2016)Google Scholar
  41. 41.
    Nuqui, R.F.: State estimation and voltage security monitoring using synchronized phasor measurement. Ph.D. Dissertation, Virginia Polytechnic Institute, Blacksburg, VA, July 2001. “Simulations and field experiences suggest that PMUs can revolutionize the way power systems are monitored and controlled” (via Wikipedia)Google Scholar
  42. 42.
    Mirkovic, J., Benzel, T.: Teaching cybersecurity with DETERLab. IEEE Security and Privacy Magazine, January/February 2012, vol. 10, no. 1, pp. 73–76 (invited paper)Google Scholar
  43. 43.
    DETERLab Education Web page,, version of October 2015
  44. 44.
    Mirkovic, J., Peterson, P.A.H.: Class capture-the-flag exercises. In: Proceedings of the USENIX Summit on Gaming, Games and Gamification in Security Education (2014)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • John Wroclawski
    • 1
    Email author
  • Terry Benzel
    • 1
  • Jim Blythe
    • 1
  • Ted Faber
    • 1
  • Alefiya Hussain
    • 1
  • Jelena Mirkovic
    • 1
  • Stephen Schwab
    • 2
  1. 1.USC Information Sciences Institute, Marina Del ReyLos AngelesUSA
  2. 2.USC Information Sciences Institute, Marina Del ReyArlingtonUSA

Personalised recommendations