In this paper, we investigate threats against our previous work (i.e., OpenTag) in terms of confidentiality, integrity and availability. OpenTag is a tag based network slicing method for wide area coordinated in-network packet processing and traffic classification with performance isolation. OpenTag is an effective mechanism for slicing network testbeds. We also propose mitigation methods regarding the threat model. We design OpenTag Anomaly Detection System (OADS) to detect anomalous activities in the OpenTag network. OADS is distributed and is able to operate at line speed. We implemented and evaluated OADS through which we illustrate the proposed method is efficient and feasible.