About

TEAM HISTORY PROPOSAL STATUS DARPA SPONSORS

TEAM

Leadership Team

Jelena Mirkovic (USC-ISI) - Lead PI
Brian Kocoloski (USC-ISI) - Co-PI
David Choffnes (Northeastern University) - Co-PI
David Balenson (USC-ISI) - Community Outreach Director
Alba Regalado (USC-ISI) - Project Manager

Project Team

Terry Benzel (USC-ISI) - Liaison to ISI and USC
Geoff Lawler (USC-ISI) - Research Engineer
Joseph Barnes (USC-ISI) - Senior Research Engineer
Christopher Tran (USC-ISI) - Research Engineer
Yuri Pradkin (USC-ISI) - Operations Engineer

Srivatsan Ravi (USC-ISI) - SME, Distributed Systems
Ganesh Sankaran (USC-ISI) - SME, Software-Defined Networking
Erika Bobbitt (USC) - Consultant, Project Management
Luis Garcia (University of Utah) - SME, Cyber-Physical Systems
Daniel Dubois (Northeastern University) - Tech Lead, IoT

Advisory Board

Eric Eide (University of Utah) - Research Associate Professor
Inder Monga (ESNet) - Executive Director, Division Director of Scientific Networking
Kate Keahey (University of Chicago; Argonne National Laboratory) - Senior Fellow; Computer Scientist
Margaret Martonosi (Princeton University) - Professor of Computer Science

Patrick Traynor (University of Florida) - John and Mary Lou Dasburg Preeminence Chair in Engineering
Raheem Beyah (Georgia Institute of Technology) - Dean of the College of Engineering, Southern Company Chair
Sujata Banerjee (Broadcom) - Director and Head, VMware Research
Tingting Chen (Cal Poly Pomona) - Professor of Computer Science

HISTORY

From DETERLab to SPHERE

Over the past two decades, USC-ISI’s DETER Project built, designed, and operated DETERLab (cyber DEfense Technology Experimental Research Laboratory), a state-of-the-art scientific computing facility for cybersecurity researchers and educators. Researchers engaged in research, development, discovery, experimentation, and testing of innovative cybersecurity technology. Educators used the testbed to teach security, networking, and operating systems classes. As a shared, public testbed, DETERLab has supported and benefited research and education in cybersecurity across a broad user community, including academia, industry, and government. To date, it has served a broad research community, including 389 research project teams from 278 institutions, and involving 1,042 researchers from 205 locations and 46 countries. Some example projects included human behavior modeling in cybersecurity scenarios, defenses against extremely large scale DDoS, worm and botnet attacks, encrypted traffic classification, and phishing deception. DETERLab has also been used in education by 230 classes from 147 institutions, and helped educate more than 20,000 students.

The DETERLab design used and significantly extended Emulab testbed management code. The DETERLab team has added subsystems to enable experimentation at scale and complexity representative of strategic internets such as those encountered in enterprises, and specialized cyber physical domains. In 2019, USC-ISI introduced Merge, a new framework for testbed control and management, built using modern open-source tools and meant for large-scale, high-fidelity, robust experimentation. Merge currently supports three testbeds at USC-ISI (modernized DETERLab for cybersecurity, DCOMP for distributed systems, and Lighthouse for extreme virtualization) with diverse hardware and hundreds of users.

Now with support from the NSF Mid-Scale Research Infrastructure (MSRI) program, we are pleased to announce our plans to build a new research infrastructure – SPHERE: Security and Privacy Heterogeneous Environment for Reproducible Experimentation. SPHERE will be a research infrastructure for at-scale, realistic and reproducible cybersecurity and privacy experimentation across very diverse hardware. This next generation experimental research infrastructure will employ the Merge software control stack. On day one, SPHERE will adopt compute nodes from modernized DETERLab and embedded compute nodes from DCOMP. In the future, SPHERE will include a variety of hardware, including embedded/edge computing devices, devices for machine learning training and inference, cyber-physical devices and programmable logic controllers, Internet of Things devices, programmable network devices, and general computing devices. The SPHERE research infrastructure will facilitate novel, transformative research endeavors in cybersecurity and privacy: reproducible and deployable research products developed and tested in representative environments, integrated and broadly-applicable research across multiple disciplines, and research on novel threats and defenses.

With the advent of SPHERE we are decommissioning DETERLab. Researchers and educational users of DETERLab are already using the early SPHERE prototype – general compute nodes running Merge software in modernized DETERLab. Current users will continue to be supported and will have the opportunity to benefit from early SPHERE research infrastructure as it comes online.

We thank the generations of DETERLab users and encourage you to participate in the new SPHERE community!

You can learn more about DETERLab at https://deter-project.org/

You can learn more about Merge at: https://mergetb.org/
and SPHERE at: https://sphere-project.net/. and
https://new.nsf.gov/news/nsf-announces-4-mid-scale-research-infrastructure

PROPOSAL

STATUS

Current Testbed Status (as of June 11, 2024)

WBS Item	Start	Status
SPHERE infrastructure
Updating Merge concepts to support SPHERE	10/01/2023	In progress
User Portal	10/30/2023	In progress
Control Infrastructure	01/29/2024	In progress
Storage Infrastructure	10/30/2023	In progress
Security Infrastructure	10/30/2023	In progress
General compute and existing embedded compute nodes
Compute nodes and network infrastructure	04/01/2024	In progress
Integration and testing	06/17/2024	Pending
Documentation and support	07/08/2024	Pending
Machine learning nodes
ML nodes and network infrastructure	09/30/2024	Pending
Integration and testing	01/13/2025	Pending
Documentation and support	02/17/2025	Pending
Cyber-physical nodes
PLC nodes and network infrastructure	11/25/2024	Pending
Integration and testing	01/13/2025	Pending
Documentation and support	03/17/2025	Pending
Embedded compute nodes
Embedded nodes and network infrastructure	09/29/2025	Pending
Integration and testing	12/29/2025	Pending
Documentation and support	02/02/2026	Pending
IoT nodes
IoT devices	10/02/2023	In progress
Network Infrastructure	10/02/2023	In progress
Integration Infrastructure	04/01/2024	Pending
Data Infrastructure	03/01/2024	Pending
Control Infrastructure	10/01/2024	Pending
Integration and testing	10/01/2024	Pending
Documentation and support	10/01/2025	Pending
Programmable nodes
SDN and NetFPGA nodes and network infrastructure	09/29/2025	In progress
Integration and testing	11/17/2025	Pending
Documentation and support	03/16/2026	Pending
Representative experimentation environments
Representative experiments in each scientific domain	09/29/2025	Pending
Community-based REE development	02/19/2024	Pending
Infrastructure for Internet interactions	02/19/2024	Pending
Integration and testing	05/13/2024	Pending
Documentation and support	05/13/2024	Pending
Usability services
User interfaces	07/22/2024	In progress
Integration and testing	10/14/2024	Pending
Documentation and support	11/25/2024	Pending
Reproducibility services
Logging support	06/08/2026	Pending
Artifact packaging and artifact libraries	11/23/2026	Pending
Integration and testing	11/23/2026	Pending
Documentation and support	06/07/2027	Pending
Outreach and engagement
Need discovery events	12/25/2023	In progress
RI promotion activities	12/25/2023	In progress
Student internships	10/02/2023	In progress
UI for artifact evaluation	07/15/2024	In progress
Alliances with AECs	11/04/2024	In progress
Project management
Administration	10/02/2023	In progress
Planning	10/02/2023	In progress
Coordination	10/02/2023	In progress
Monitoring and reporting	10/02/2023	In progress

DARPA

DARPA Test & Evaluation Projects

USC-ISI has provided deep, extensive technical expertise in T&E methodologies, tools, scenario development, and operation of testbed facilities. The team has performed T&E roles within DARPA’s SAFER, EdgeCT, DCOMP, XD3, and Searchlight programs, leveraging either DETERLab or other Merge-based testbeds.

The Merge testbed platform is a mature and fully open-source testbed software stack developed at ISI. Merge testbeds facilitate high-fidelity networked experimentation through state-of-the-art node and network virtualization technologies, enabling creation of realistic and diverse network topologies running real network hardware, operating systems, middleware, and application software.

SAFER

Under the DARPA Safer Warfighter Communications (SAFER) program, ISI's DETERLab served as the testbed and experimentation platform for the development and evaluation of technologies advancing the state-of-the-art in non-blockable and anonymous communication, such as Tor. Five separate research projects developed adversary-resistant communication technology to circumvent censorship. Complex experiments were conducted, requiring thousands of emulated users communicating with applications such as instant messaging, social networking, streaming video, and video conferencing, while red teams representing hostile network operators attempted to deanonymize users and block communication.

EdgeCT

Under the DARPA Edge-Directed Cyber Technologies for Reliable Mission Communication (EdgeCT) program, ISI’s DETERLab served as the testbed and experimental platform for the development evaluation of performer technologies. The testbed was used to build realistic models of networks and workloads to help guide partner researcher and evaluate prototypes. These networks had to accurately model transition partner edge enclaves, the networks between them, and the workflows they conducted.

DCOMP

Under the DARPA Dispersed Computing (DCOMP) program, ISI’s DCOMP testbed was used for program evaluation. The DCOMP testbed was controlled by the Merge software and composed of 1,444 nodes to routinely support simultaneous experiments with hundreds of nodes interconnected through complex network topologies. The DCOMP program developed robust decision systems to enable secure, collective tasking of computing assets in a mission-aware fashion by users with competing demands, and across large numbers of heterogeneous computing platforms at the edge.

XD3

Under the DARPA Extreme DDoS Defense (XD3) program, ISI’s DETERLab served as the test platform to evaluate six technologies: machine-learning based real-time endpoint detection and mitigation for low-volume DDoS attacks; elastic dispersion-oriented systems that deploy additional micro computational units when under attack; disguise-based in-network technology that mitigate attacks before they reach the server; and deceptive defense strategies providing false information to attackers.

SEARCHLIGHT

Under the DARPA Searchlight program, ISI partnered with Sandia National Laboratories to evaluate performer technologies developed for analysis and QoS management of an enterprise’s distributed applications overlaid on the internet. This evaluation used the Lighthouse Merge-based testbed, which consisted of a subset of the high-end nodes from the original DETERLab testbed that were modified to support extensive virtualization built around the open-source type-2 hypervisor system QEMU /KVM and Sandia’s virtual machine automation platform, Minimega.

SPHERE Sponsors and Partners

Organizations interested in sponsoring or partnering with SPHERE, please feel free to contact us.

Sponsor

NSF_Official_logo_High_Res_1200ppi

National Science Foundation (NSF)

NSF is an independent agency of the United States federal government that supports fundamental research and education in all the non-medical fields of science and engineering. NSF is funding the construction of SPHERE through a Mid-scale Research Infrastructure-1 award. With NSF's support, SPHERE will deploy advanced hardware and software to facilitate foundational and translational cybersecurity and privacy research, including edge computing devices, programmable logic controllers, and Internet of Things devices. This support will enable SPHERE to transform cybersecurity and privacy research into a community-wide effort, advancing scientific discovery and enhancing the nation's cybersecurity research capabilities.

Partners

Advanced Micro Devices, Inc. (AMD)

AMD is an American multinational corporation and semiconductor company that develops computer processors and related technologies for business and consumer markets. AMD donated eight (8) NetFPGA network cards to SPHERE, enhancing the platform's ability to conduct comprehensive cybersecurity and privacy experiments across varied infrastructures. This donation strengthens SPHERE's research capabilities in network performance monitoring and advanced networking protocol analysis.

Information Sciences Institute

SPHERE