Redundancy for Network Intrusion Prevention Systems (NIPS) - January 2017
Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.
PI(s): Mike Reiter
Researchers: Victor Heorhiadi, Sheng Liu
HARD PROBLEM(S) ADDRESSED
Primary: Resilient Architectures
This work is developing an architecture for the scalable enforcement of network security policies that is resilient to traffic changes and traffic rerouting in response to failures.
PUBLICATIONS
- None
ACCOMPLISHMENT HIGHLIGHTS
- We showed that SDN applications expressed in our SOL framework can be automatically composed so as to ensure that their policies are met and that network resources are leveraged nearly optimally.
- We showed that SDN operation sometimes allows unprivileged attackers to infer whether a specific network flow occurred recently. In some cases, this capability can be used for network reconnaissance, e.g., to determine whether an IDS logged a record to a logging site, and therefore whether the IDS detected an exploit attempt.