3 research outputs found

    Transpacific Testbed for Real-Time Experimentation

    The transpacific testbed is a generic routing encapsulation (GRE) tunnel built between CUNY City College (CCNY), USA and Kyushu Institute of Technology (KYUTECH), Japan. The tunnel, built through Internet2, originates at CCNY, passes through the JGN network in Seattle and terminates at Kyutech in Japan. The testbed defines the future of the Internet by focusing on addressing research challenges associated with enabling trustworthy networks, supporting the Internet of Things (IoT), which encompasses everything connected to the Internet, and cyber-physical systems (CPS), which are controlled mechanisms monitored by computer-based algorithms. In this paper, we describe the setting up and testing of the testbed. Furthermore, we describe the real-time experiments conducted on the testbed and present the results. The experiments fall into two categories: a blockchain-based cooperative intrusion detection system (CoIDS) and secure virtual machine introspection. For each experiment, we describe the method and present the results. Finally, we look into the ongoing work of extending the testbed to the COSMIC global testbed.

    2021 IEEE 4th 5G World Forum (5GWF 2021), 13-15 October 2021, Virtual Conferenc

    Transparent IDS Offloading for Split-Memory Virtual Machines

    To enable virtual machines (VMs) with a large amount of memory to be flexibly migrated, split migration has been proposed. It divides a large-memory VM into small pieces and transfers them to multiple hosts. After the migration, the VM runs across those hosts and exchanges memory data between hosts using remote paging. For such a split-memory VM, however, it becomes difficult to securely run intrusion detection systems (IDS) outside the VM using a technique called IDS offloading. This paper proposes VMemTrans to support transparent IDS offloading for split-memory VMs. In VMemTrans, an offloaded IDS can monitor a split-memory VM as if its memory were not distributed. To achieve this, VMemTrans enables an IDS running on one host to transparently access the VM's remote memory. To account for the trade-off involved, it provides two methods for obtaining memory data from remote hosts: self paging and proxy paging. We have implemented VMemTrans in KVM and compared the execution performance of the two methods.

    2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC), 13-17 July 2020, Madrid, Spain (on-site event cancelled due to the spread of COVID-19

    Hardening the Security of Multi-Access Edge Computing through Bio-Inspired VM Introspection

    The extreme bandwidth and performance of 5G mobile networks change the way we develop and utilize digital services. Within a few years, 5G will not only touch technology and applications, but dramatically change the economy, our society and individual life. One of the emerging technologies that enables the evolution to 5G by bringing cloud capabilities near to the end users is Edge Computing, also known as Multi-Access Edge Computing (MEC), which will become pertinent to the evolution of 5G. This evolution also entails growth in the threat landscape and increased privacy concerns in different application areas, hence security and privacy play a central role in the evolution towards 5G. Since MEC applications are instantiated in the virtualized infrastructure, in this paper we present a distributed application that aims to constantly introspect multiple virtual machines (VMs) in order to detect malicious activities based on their anomalous behavior. Once suspicious processes are detected, our IDS notifies the system administrator in real time about the potential threat. The developed software is able to detect keyloggers, rootkits, trojans, process hiding and other intrusion artifacts via agent-less operation, by operating remotely or directly from the host machine. Remote memory introspection means no software to install and no notice to malware to evacuate or destroy data. Experimental results of remote VMI on more than 50 different malicious code samples demonstrate an average anomaly detection rate close to 97%. We have established a wide testbed environment connecting the networks of two universities, Kyushu Institute of Technology and The City College of New York, through a secure GRE tunnel. Conducted experiments on this testbed deliver high response time of the proposed system