From DETERLab to SPHERE

Over the past two decades, USC-ISI’s DETER Project built, designed, and operated DETERLab (cyber DEfense Technology Experimental Research Laboratory), a state-of-the-art scientific computing facility for cybersecurity researchers and educators. Researchers engaged in research, development, discovery, experimentation, and testing of innovative cybersecurity technology. Educators used the testbed to teach security, networking, and operating systems classes. As a shared, public testbed, DETERLab has supported and benefited research and education in cybersecurity across a broad user community, including academia, industry, and government. To date, it has served a broad research community, including 389 research project teams from 278 institutions, and involving 1,042 researchers from 205 locations and 46 countries. Some example projects included human behavior  modeling in cybersecurity scenarios, defenses  against extremely large scale DDoS, worm and botnet attacks, encrypted traffic classification, and phishing deception.  DETERLab has also been used in education by 230 classes from 147 institutions, and helped educate more than 20,000 students.

The DETERLab design used and significantly extended Emulab testbed management code. The DETERLab team has added subsystems to enable experimentation at scale and complexity representative of strategic internets such as those encountered in enterprises, and specialized cyber physical domains. In 2019, USC-ISI introduced Merge, a new framework for testbed control and management, built using modern open-source tools and meant for large-scale, high-fidelity, robust experimentation. Merge  currently supports three testbeds at USC-ISI (modernized DETERLab for cybersecurity, DCOMP for distributed systems, and Lighthouse for extreme virtualization) with diverse hardware and hundreds of users.

Now with support from the NSF Mid-Scale Research Infrastructure (MSRI) program, we are pleased to announce our plans to build a new research infrastructure – SPHERE: Security and Privacy Heterogeneous Environment for Reproducible Experimentation. SPHERE will be a research infrastructure for at-scale, realistic and reproducible cybersecurity and privacy experimentation across very diverse hardware. This next generation experimental research infrastructure will employ the Merge software control stack. On day one, SPHERE will adopt  compute nodes from modernized DETERLab and embedded compute nodes from DCOMP. In the future, SPHERE will include a variety of hardware, including embedded/edge computing devices, devices for machine learning training and inference, cyber-physical devices and programmable logic controllers, Internet of Things devices, programmable network devices, and general computing devices. The SPHERE research infrastructure will facilitate novel, transformative research endeavors in cybersecurity and privacy: reproducible and deployable research products developed and tested in representative environments, integrated and broadly-applicable research across multiple disciplines, and research on novel threats and defenses.

With the advent of SPHERE we are decommissioning DETERLab. Researchers and educational users of DETERLab are already using the early SPHERE prototype – general compute nodes running Merge software in modernized DETERLab. Current users will continue to be supported and will have the opportunity to benefit from early SPHERE research infrastructure as it comes online.

We thank the generations of DETERLab users and encourage you to participate in the new SPHERE community!

You can learn more about DETERLab at https://deter-project.org/

You can learn more about Merge at: https://mergetb.org/
and SPHERE at: https://sphere-project.net/. and
https://new.nsf.gov/news/nsf-announces-4-mid-scale-research-infrastructure

SPHERE Proposal

• Summary
• Description and References
• Data Management Plan