In the era of Cloud Service and Internet of Things, information security has already become a transnational issue. In recent years, the large scale cyber attack via the connection of BotNet has become a thorny issue of Global information security. Taiwan is always the main target of international hackers due to the high dense of information devices and computers in campuses are always the favorite of hackers. To help tackling such an issue, the Ezilla, which is considered as a private Cloud toolkit ( integrated with OpenNebula), has been implemented by the CyberSecurity research team in the National Center for High-performance Computing (NCHC), Taiwan. Through the Ezilla which leverages OpenNebula and CyberSecuirty techniques, Cloud users can easily customize and configure a specified Cloud security training environment. It is an extremely lightweight approach helping users to access virtual computing resources. The main feature of this project is simplifying the utilization of Clouds. Our goal is to make Cloud security scientists or users painlessly to run their own CyberSecurity jobs on Cloud platforms, including Cyber Defense Exercise, Malware Knowledge Base, etc.. Based on the proposed CyberSecurity Exercise Platform, we also develop new functions which are private Cloud information security training service, Captur the Flags (CTF) competition service, and virtual networking service for enterprise.
OpenNebulaConf 2016 - The Lightweight Approach to Build Cloud CyberSecurity Exercise Platform by Serena Pan, NCHC
1. PervasiveComputingLab
The Lightway Approach to Build Cloud
CyberSecurity Exercise Platform
National Center for High-Performance
Computing
Yi-Lun Pan (Serena Pan)
serenapan@nchc.narl.org.tw
2. PervasiveComputingLab Who’s Serena Pan??
— I am an associate researcher in NCHC,
Taiwan.
— Our project is Free Software, and also
Open Source
— Virtualization technology (OpenStack and
OpenNebula) and Cybersecurity
technology
3. PervasiveComputingLab Outline
— What is Ezilla Project?
— What is Cybersecurity??
— What does Ezilla do for Cybersecurity??
— The Core Tech. of Ezilla
◦ How to Install Ezilla
◦ Demo
4. PervasiveComputingLab What is Ezilla
— Ezilla is designed to help users to build
their own Private Cloud easily!
— Ezilla provides an user-friendly
interface and an easy way to customize
and configure based on users’ needs!
— Ezilla is consisted with three parts:
◦ DRBL (Diskless Remote Boot in Linux),
◦ Cloud Middleware - OpenNebula
◦ Web Interface
5. PervasiveComputingLab
I NN I? ? ,IMN NDJI JA )TD
(DMF MM P LMDJI
h c
I NN I? ? ,IMN
)TD f ad k
)TD P
Virtual Machines
)TD
)TD MN L
(5 , DIB SMN H ,H B
m jlio be
6. PervasiveComputingLab
(DMNLD ON ?
D MSMN H
)TD MN L
)TD P
Virtual Machines
)TD ,IN LA
I NN I? ? ,IMN NDJI JA
)TD (DMF AO P LMDJI
MN ( K JSH IN
7. PervasiveComputingLab What is Cybersecurity in NCHC??
— NCHC Cloud Cybersecurity Exercise
Platform
Ezilla provides both user-friendly
and straightforward interface for
Cloud users.With One Click,
Cloud users can build their own
on-demand virtual cluster.
Based on Cloud Service
Infrastructure, CDX provides
security training service,
Capture the Flags (CTF)
competition service, and virtual
networking service for
enterprise.
10. PervasiveComputingLab What is Cybersecurity??
— International Organization
◦ The Honeynet Project Cloud Security
Alliance FIRST Shadowserver
Foundation…
— International Conference
◦ The Honeynet Project Annual Workshop
Cloud Security Alliance Congress RSA
Blackhat DEFCon AVAR
11. PervasiveComputingLab
What does Ezilla do for
Cybersecurity?
— Simplify demos and evaluations
— Reduce development and support costs
— Extend applications to the cloud
12. PervasiveComputingLab
What does Ezilla do for
Cybersecurity?
— System manager:
◦ One click install build private cloud - Fast
Installation
◦ Easy to manage VMs -Build Multiple
Template
— Users:
◦ Fast and user-friendly virtual environment
◦ Could access VM with the browser which
support HTML 5 (Google chrome / firefox)
◦ Could use RDP and ssh to access VM
13. PervasiveComputingLab Use Case
— Who use Ezilla so far..
◦ NTU, NCTU, NCKU..
◦ Virtual Classroom –NCTU, NCHC and Inventec
– System SDN-based Networks
– Software Ezilla
– Hardware Zion Servers are provided by Inventec
Zion
SDN-
based
Networks
Inventoc Server
+ +
=1000+ Virtual CDX Classroom
17. PervasiveComputingLab
Educational Purpose for
Information Security
— NQJLF ( A IM I? NN F NAJLH L DIDIB
◦ JOLM W DNC ( K NAJLH MNO? IN I ADI?
Q FI MM M LP L I? NC I NJ KL ND I? P LDAS QC N
NC S LI ?
◦ JHK NDNDJI W DNC ( K NAJLH N C LM I
KLJPD? IS FDI? JA M I LDJ JHK NDNDJI
— ,IAJLH NDJI OLDNS O I L D DND M L DIDIB
◦ L DI CJQ NJ ADI? PO I L M LP L
◦ ,IAJLH NDJI M OLDNS ? N I SMDM PD + ?JJK OMN L
20. PervasiveComputingLab
The Benefit of Cloud Virtual
Classroom
— No time and space limited, students can
enjoy seamless education.
20
After School
In Class
21. • LF NK LPD
– J N ,IAJLH NDJI OLDNS K I JOL JJ FDN
• MN OD ? )IPDLJIH IN
Marketplace
23. PervasiveComputingLab The Core Tech. of Ezilla
— I NN I? ? ,IMN NDJI
◦ FD FMN LNUKL M ?
— JO? D?? Q L
– . , )U 5 ?DL N U DLN, U.
– D PDLN
– K I O
– V
— A!M LPD ,IN LA
◦ OD ? M L!ALD I? S )IPDLJIH IN
– E R
– +
– V
– - O LS
24. PervasiveComputingLab
The Core Tech. of Ezilla
DRBL
— Diskless Remote Boot in Linux
◦ NCHC Free Software Lab.
◦ Ezilla slave no need Hard Disk and Software
◦ Clonezilla is embedded, so you can copy and
reinstall computers at the same time
◦ Via PXE, you can install OS easily.
— How does Ezilla Slave use DRBL?
◦ Ezilla Diskless Version
– Using Single System Image (SSI) mode
– After network booting, OS is executed in memory
– (SI HD RN IMDJI JHKONDIB L MJOL M
– RD H I B H IN
◦ Ezilla Disk Full Version
– Via PXE network booting, and then execute network
installation
34. PervasiveComputingLab What is SPARTA
— SPARTA is a python GUI application
which simplifies network infrastructure
penetration testing by aiding the
penetration tester in the scanning and
enumeration phase.
— http://sparta.secforce.com