Visible to the public Redundancy for Network Intrusion Prevention Systems (NIPS) - July 2017Conflict Detection Enabled

Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.

PI(s):  Mike Reiter

Researchers: Victor Heorhiadi, Sheng Liu


Primary:  Resilient Architectures

This work is developing an architecture for the scalable enforcement of network security policies that is resilient to traffic changes and traffic rerouting in response to failures.



  • We demonstrated flow-reconnaissance attacks that arise due to timing channels in SDN switches.  We published a paper at ICDCS 2017 on this topic.
  • We reimplemented the SNIPS application ( in the SOL framework, demonstrating how a complex security application can be expressed very simply using a framework like SOL with very similar optimality and performance characteristics as our original, hand-tuned implementation.