Sensor-based intrusion detection for intra-domain distance-vector routing
Proceedings of the 9th ACM conference on Computer and communications security
A cooperative intrusion detection system for ad hoc networks
Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks
On the accuracy of decentralized virtual coordinate systems in adversarial networks
Proceedings of the 14th ACM conference on Computer and communications security
ACM Computing Surveys (CSUR)
Robust Decentralized Virtual Coordinate Systems in Adversarial Environments
ACM Transactions on Information and System Security (TISSEC)
| Hi-index | 0.00 |
The JiNao project at MCNC/NCSU focuses on detecting intrusions, especially insider attacks, against the OSPF (open shortest path first) routing protocol. This paper presents the implementation and experiments of JiNao's statistical intrusion detection module. Our implementation is based upon the algorithm developed in SRI's NIDES (next-generation intrusion detection expert system) project. Some modifications and improvements to NIDES/STAT are made for a more effective implementation in our environment. Also, three OSPF insider attacks (e.g., maxseq, maxage, and seq++ attacks) have been developed for evaluating the efficacy of detecting capability. The experiments were conducted on two different network routing testbeds. The results indicate that the proposed statistical mechanism is very effective in detecting these routing protocol attacks.