DOJ funds cybersecurity lab to test Internet-size attacks
- By William Jackson
- Jun 17, 2005
The Justice Department awarded a $500,000 grant to Iowa State University as seed funding for a cybersecurity lab that will accurately simulate online attacks.
The lab, called the Internet-Simulation Event and Attack Generation Environment, or ISEAGE, is the brainchild of Doug Jacobsen, a professor of computer engineering.
'ISEAGE is a test bed network designed to accurately recreate what you could see on the Internet,' Jacobsen said.
This testing environment is different than current ones because the scale of the infrastructure being tested is much larger. Simulating traffic to or from single points is easy, Jacobsen said. 'But to be able to recreate the Internet cloud, that doesn't exist in current test beds.'
Previous testing environments have had to oversimplify attacks, limiting the amount of information that can be obtained about Internet-based threats, Jacobsen said.
'One of our goals is to not have to change any of the attack code' being studied, he said.
The key to a test on this scale is to do it with software rather than hardware. 'My view of the Internet is a whole lot of bits on a wire,' Jacobsen said. 'Taking that view, I don't need 10,000 physical devices' to model large systems. Jacobsen developed the concept in the course of his other job, chief technology officer of Palisade Systems Inc. of Ames, Iowa, a maker of network security appliances.
'We needed some sort of testing facility,' he said. 'I'm a low-level networking kind of person, so I didn't want something that was device-oriented.'
He wrote the code to recreate traffic flows over links, and eventually set up his own lab at the university.
The lab's network consists of 64 off-the-shelf processors running Jacobsen's custom code.
'It's not a very big thing,' he said. But 'we don't envision it needing to be much bigger.'
He claims the current infrastructure is capable of recreating traffic to and from each of the Internet's roughly 4 billion addresses.
ISEAGE achieved initial operating capability in April, when it hosted a cyberdefense competition. Six teams hung their devices off of the test bed and defended them against red-team attacks.
'We are now entering the phase where we are looking for potential customers,' Jacobsen said.
Federal agencies who would use ISEAGE for training exercises are obvious clients, he said, as well as private-sector security professionals and companies that want to study security concerns specific to their enterprises.
Despite the DOJ grant, ISEAGE still is operating on something of a shoestring.
'Right now it's me and some grad students,' Jacobsen said.
William Jackson is freelance writer and the author of the CyberEye blog.