Real-time protocol analysis for detecting link-state routing protocol attacks
ACM Transactions on Information and System Security (TISSEC)
CAPTRA: coordinated packet traceback
Proceedings of the 5th international conference on Information processing in sensor networks
Experimental analysis of attacks against intradomain routing protocols
Journal of Computer Security
BeeHiveGuard: a step towards secure nature inspired routing algorithms
EuroGP'06 Proceedings of the 2006 international conference on Applications of Evolutionary Computing
Verification of OSPF vulnerabilities by colored Petri net
Proceedings of the 6th International Conference on Security of Information and Networks
Hi-index | 0.01 |
It is critical to protect the network infrastructure (e.g., network routing and management protocols) against security intrusions, yet dealing with insider attacks are probably one of the most challenging research problems in network security. We study the security threats, especially internal/insider threats, for the standardized routing protocol OSPF. In OSPF, a group of routers collaborate, exchange routing information, and forward packets for each other. If one (and maybe more than one) router is evil or compromised, how can this router damage the whole network? In this paper, we analyze OSPF and identify its strengths and weakness under various insider attacks. Furthermore, to confirm our analysis, we have implemented and experimented one attack, the max sequence number attack, on our OSPF routing testbed. Our attack is very successful against two independently developed router products as it will block routing updates for 60 minutes by simply injecting one bad OSPF protocol data unit.