IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Protocol verification made simple: a tutorial
Computer Networks and ISDN Systems - Special issue on protocol specification, testing and verification
Theoretical Computer Science
Routing in the Internet
State Transition Analysis: A Rule-Based Intrusion Detection Approach
IEEE Transactions on Software Engineering
Self-stabilizing systems in spite of distributed control
Communications of the ACM
OSPF: Anatomy of an Internet Routing Protocol
OSPF: Anatomy of an Internet Routing Protocol
Distributed Algorithms
Introduction To Automata Theory, Languages, And Computation
Introduction To Automata Theory, Languages, And Computation
Reducing The Cost Of Security In Link-State Routing
SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
An experimental study of insider attacks for OSPF routing protocol
ICNP '97 Proceedings of the 1997 International Conference on Network Protocols (ICNP '97)
Automatic alarm correlation for fault identification
INFOCOM '95 Proceedings of the Fourteenth Annual Joint Conference of the IEEE Computer and Communication Societies (Vol. 2)-Volume - Volume 2
An Immunological Approach to Change Detection: Algorithms, Analysis and Implications
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Abstraction-based intrusion detection in distributed environments
ACM Transactions on Information and System Security (TISSEC)
Experimental analysis of attacks against intradomain routing protocols
Journal of Computer Security
New architecture for intra-domain network security issues
Communications of the ACM - Entertainment networking
Theoretical bounds on control-plane self-monitoring in routing protocols
Proceedings of the 2007 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
A Framework for Large-Scale Detection of Web Site Defacements
ACM Transactions on Internet Technology (TOIT)
Hi-index | 0.00 |
A real-time knowledge-based network intrusion-detection model for a link-state routing protocol is presented for the OSPF protocol. This model includes three layers: a data process layer to parse packets and dispatch data; and event abstractor to abstract predefined real-time events for the link-state routing protocol; and an extended timed finite state machine to express the real-time behavior of the protocol engine and to detect intrusions by pattern matching. The timed FSM, called the JiNao Finite State Machine (JFSM) is extended from the conventional FSM with timed states, multiple timers, and time constraints on state transitions. The JFSM is implemented as a generator that can create and FSM by constructing the configuration file only. The results show that this approach is very effective for detecting real-time intrusions. Our approach can be extended for use in other network protocol intrusion-detection systems, especially for those with known attacks.