Redundancy for Network Intrusion Prevention Systems (NIPS) - April 2016

Submitted by drwright on Thu, 03/10/2016 - 11:26am

Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.

PI(s): Mike Reiter

Researchers: Victor Heorhiadi, Jun Jiang

HARD PROBLEM(S) ADDRESSED

Primary: Resilient Architectures

This work is developing an architecture for the scalable enforcement of network security policies that is resilient to traffic changes and traffic rerouting in response to failures.

PUBLICATIONS

Victor Heorhiadi, Michael K. Reiter, Vyas Sekar. 2016. Simplifying software-defined network optimization using SOL. The 13th USENIX Symposium on Networked System Design and Implementation. URL: https://www.usenix.org/conference/nsdi16/technical-sessions/presentation/heorhiadi

ACCOMPLISHMENT HIGHLIGHTS

In addition to publishing our initial paper on SOL, we have released the code for further experimentation by the research community. See http://cs.unc.edu/~victor/sol/.
A paper on research initiated during an internship last summer, but which continued into the academic year, has been accepted to ICDCS 2016. This work develops a framework and system for subjecting microservice-based systems to faults and evaluating their reactions to them, in an effort to validate proper implementation of fault-handling patterns. This work performs fault injection and monitoring at the network layer and so complements SOL by providing an active monitoring capability for proper implementation, specifically of fault-handling patterns.

Groups:

NCSU Science of Security Lablet Research Initiative