Routing in the Internet
Protecting routing infrastructures from denial of service using cooperative intrusion detection
NSPW '97 Proceedings of the 1997 workshop on New security paradigms
Security Architecture for the Internet Infrastructure
SNDSS '95 Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS'95)
Digital signature protection of the OSPF routing protocol
SNDSS '96 Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96)
Reducing The Cost Of Security In Link-State Routing
SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
Securing Distance-Vector Routing Protocols
SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
On the Vulnerabilities and Protection of OSPF Routing Protocol
IC3N '98 Proceedings of the International Conference on Computer Communications and Networks
An efficient message authentication scheme for link state routing
ACSAC '97 Proceedings of the 13th Annual Computer Security Applications Conference
Statistical Anomaly Detection for Link-State Routing Protocols
ICNP '98 Proceedings of the Sixth International Conference on Network Protocols
Secure Border Gateway Protocol (S-BGP)
IEEE Journal on Selected Areas in Communications
A cooperative intrusion detection system for ad hoc networks
Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks
A formal approach to sensor placement and configuration in a network intrusion detection system
Proceedings of the 2006 international workshop on Software engineering for secure systems
Experimental analysis of attacks against intradomain routing protocols
Journal of Computer Security
Distributed Intrusion Detection Systems for Enhancing Security in Mobile Wireless Sensor Networks
International Journal of Distributed Sensor Networks - Advances on Heterogeneous Wireless Sensor Networks
Hop chains: Secure routing and the establishment of distinct identities
Theoretical Computer Science
Hop chains: secure routing and the establishment of distinct identities
OPODIS'06 Proceedings of the 10th international conference on Principles of Distributed Systems
On the anomaly intrusion-detection in mobile ad hoc network environments
PWC'06 Proceedings of the 11th IFIP TC6 international conference on Personal Wireless Communications
A verified distance vector routing protocol for protection of internet infrastructure
ICN'05 Proceedings of the 4th international conference on Networking - Volume Part II
Efficient recovery from false state in distributed routing algorithms
NETWORKING'10 Proceedings of the 9th IFIP TC 6 international conference on Networking
| Hi-index | 0.00 |
Detection of routing-based attacks is difficult because malicious routing behavior can be identified only in specific network locations. In addition, the configuration of the signatures used by intrusion detection sensors is a time-consuming and error-prone task because it has to take into account both the network topology and the characteristics of the particular routing protocol in use. We describe an intrusion detection technique that uses information about both the network topology and the positioning of sensors to determine what can be considered malicious in a particular place of the network. The technique relies on an algorithm that automatically generates the appropriate sensor signatures. This paper presents a description of the approach, applies it to an intra-domain distance-vector protocol and reports the results of its evaluation.