Redundancy for Network Intrusion Prevention Systems (NIPS)

Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.

PI(s):  Mike Reiter

HARD PROBLEM(S) ADDRESSED

Primary:  Resilient Architectures

This work is developing an architecture for the scalable enforcement of network security policies that is resilient to traffic changes and traffic rerouting in response to failures.

PUBLICATIONS
Report papers written as a results of this research. If accepted by or submitted to a journal, which journal. If presented at a conference, which conference.

None

ACCOMPLISHMENT HIGHLIGHTS

We have developed techniques to express requirements for enforcing policies on network traffic in large networks and then solving those requirements to determine the nodes at which policies should be enforced on which kinds of traffic.  In doing so, we can ensure that nodes and links do not become overloaded, and that the footprint of unwanted traffic on the network is minimized.