Unique among the world’s cyberlabs, Doug Jacobson’s test bed Internet offers a valuable tool for academic research and commercial applications.

In the midst of one of Iowa’s harsher winters, Doug Jacobson sits in his office in the old nuclear engineering building, reflecting on the advance of the new ISEAGE. “Don’t be left out in the cold,” warns a poster with the ISEAGE logo emblazoned over a glacial landscape.

Yet blow as they might, even Iowa’s winter winds can’t cool down the white-hot field of information assurance and Jacobson’s response: the Internet-Scale Event and Attack Generation Environment—or “ISEAGE.”

The acronym aside, Jacobson is the first to acknowledge that innovation in Internet technologies moves at anything but a glacial pace, and that includes the tools and techniques of the hackers, spoofers, spammers, and assorted other cybercriminals whose rapidly evolving methods must be matched by equally effective countermeasures.

Flexibility to violate the rules
Part of Iowa State’s Information Assurance Center (IAC), ISEAGE bills itself as “a test bed Internet for the research, design, evaluation, and testing of security solutions”—in other words, a secure, self-contained model of the working Internet that both academic researchers and industrial security specialists can use to anticipate, simulate, and respond to cyberattacks and other potentially catastrophic events in a way not possible on the real Internet.

“ISEAGE gives us the ability to create an environment and do training that we wouldn’t otherwise be able to do,” Jacobson remarks. “We’ve used ISEAGE as a training facility with various groups, primarily industrial groups such as IT auditors as opposed to particular companies.”

While a handful of other institutions have modeled the Internet, Jacobson says, their test beds are distributed and largely hardware-based—essentially, a series of routers over which researchers can conduct academic studies, with only a secondary focus on actual industrial applications. By contrast, ISEAGE is based on what Jacobson characterizes as “100% custom software,” which, he says, gives researchers the flexibility to violate the “rules” of the Internet in modeling the kinds of attacks that specific business and governmental systems are likely to endure.

According to doctoral student Nate Evans, who helped Jacobson build ISEAGE from the ground up, that kind of flexibility in a self-contained facility makes ISEAGE particularly valuable for industrial partners.

“We can morph ISEAGE into whatever we want it to be,” says Evans. “And we can cut it off from the real Internet so we don’t run the risk of others being able to watch what we’re doing. With academics, that’s generally not an issue, but corporations may not want that. Say we’re modeling Principal Financial Group’s network and we’re looking for flaws or vulnerabilities—we don’t want that information getting out to the public.”

More than a classroom
Up to now, ISEAGE has perhaps been best known as the “classroom” where, for the past several years, students from Iowa high schools, community colleges, and other universities have met to test their computer smarts in competition against each other and some of Iowa State’s and industry’s best hackers. The students typically lose the battle to their more experienced opponents but in the process begin to develop skills that may serve both them and future employers, should they opt for careers in information assurance.

But more than a classroom for current and future Iowa State students, ISEAGE is poised to become an indispensable tool for IT specialists in Iowa and beyond. Thanks to its participation in the Center for Information Protection, a National Science Foundation Industry/University Cooperative Research Center, the IAC has established partnerships and projects with both industrial and governmental organizations.

One such project, MAP Iowa, is using ISEAGE to re-create a working model of the Iowa Communications Network (ICN), the state-owned fiber optic network that links Iowa government agencies, as well as schools, universities, and local government bodies. By modeling the ICN over ISEAGE, Iowa State and state of Iowa IT experts can better assess the system’s vulnerabilities and recommend strategies to protect it from both attacks and natural disasters.

“We can hang real equipment off the model,” Jacobson says. “We can run cyberattacks and look at disaster recovery and business continuity in real time, and develop contingency plans and train people based on these.”

While not an intranet in a strict sense, Jacobson observes, the ICN is nonetheless a relatively closed network, with fiber optic cables buried parallel to roadways and other public utilities. And because of its dedicated architecture, the ICN is in fact more vulnerable than the vastly larger Internet to which it serves as a portal, lacking as it does the redundancy—and thus the robustness—of the public Internet.

>>Next Page