Statistical anomaly detection for link-state routing protocols
作者: Diheng Qu , Brian M Vetter , Feiyi Wang , Ravindar Narayan , Shyhtsun Felix Wu
关键词: Distributed computing 、 Anomaly detection 、 Expert system 、 Computer science 、 Intrusion detection system 、 The Internet 、 Computer network 、 Electrical capacitance tomography 、 Open Shortest Path First 、 Routing protocol 、 Link-state routing protocol
摘要: The JiNao project at MCNC/NCSU focuses on detecting intrusions, especially insider attacks, against the OSPF (open shortest path first) routing protocol. This paper presents implementation and experiments of JiNao's statistical intrusion detection module. Our is based upon algorithm developed in SRI's NIDES (next-generation expert system) project. Some modifications improvements to NIDES/STAT are made for a more effective our environment. Also, three attacks (e.g., maxseq, maxage, seq++ attacks) have been evaluating efficacy capability. were conducted two different network testbeds. results indicate that proposed mechanism very these protocol attacks.
ieeecomputersociety.org
acm.org 参考文章(6)
Brian Vetter, Feiyi Wang, Shyhtsun Felix Wu, An experimental study of insider attacks for OSPF routing protocol international conference on network protocols. pp. 293- 300 ,(1997) , 10.1109/ICNP.1997.643735
Steven Cheung, Karl N. Levitt, Protecting routing infrastructures from denial of service using cooperative intrusion detection new security paradigms workshop. pp. 94- 106 ,(1998) , 10.1145/283699.283744
Harold S. Javitz, Alfonso Valdes, The NIDES Statistical Component Description and Justification ,(1994)
S.L. Murphy, M.R. Badger, Digital signature protection of the OSPF routing protocol network and distributed system security symposium. pp. 93- 102 ,(1996) , 10.1109/NDSS.1996.492416
J. Moy, OSPF Version 2 OSPF Version 2. ,vol. 1247, pp. 1- 189 ,(1998)
S. D. Silvey, R. V. Hogg, E. A. Tanis, Probability and Statistical Inference The Statistician. ,vol. 27, pp. 134- 134 ,(1978) , 10.2307/2987911