Redundancy for Network Intrusion Prevention Systems (NIPS) - October 2014

Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.

PI(s):  Mike Reiter

HARD PROBLEM(S) ADDRESSED

Primary:  Resilient Architectures

This work is developing an architecture for the scalable enforcement of network security policies that is resilient to traffic changes and traffic rerouting in response to failures.

PUBLICATIONS
Report papers written as a result of this research. If accepted by or submitted to a journal, which journal. If presented at a conference, which conference.

V. Heorhiadi, S. K. Fayaz, M. K. Reiter and V. Sekar.  "SNIPS: A software-defined approach for scaling intrusion prevention systems via offloading."  In Proceedings of the International Conference on Information and Systems Security (to appear), Hyderabad, India.  December 2014.

ACCOMPLISHMENT HIGHLIGHTS

We have developed techniques to assign network intrusion prevention system (NIPS) tasks to the available NIPS nodes in a network so as to respect node and link constraints while minimizing both the latency imposed on good traffic and the footprint of malicious traffic on the network. As such, our approach enables a network to wring the best performance out of its hardware investments under the traffic and policy-enforcement demands it faces.