Design and Implementation of Property-Oriented Detection for Link State Routing Protocols
作者: Hairong Qi , Felix S. Wu , Fengmin Gong , Feiyi Wang
DOI:
关键词:
摘要: This paper presents a new intrusion detection approach, property-oriented analysis and (POD). We discuss both the generic paradigm of this approach our design implementation experience within context link state routing system. A system is modeled as set distributed processes. property deflned predicate over variables. For protocol, overall converging P \equality" among information bases maintained by all decompose proto- col into difierent computation phases specify them us- ing Input/Output Automata (IOA). each phase, we use predicates (liveness safety property) guide for observation analysis. The goal algorithm to construct validation path based on his- tory determine if fault natural or malicious when rendered invalid faults. contribution three-fold: First, proposed difiers from traditional signature pro- flle paradigms in sense that it utilizes stable starting point, correlates history future validate changes caused nat- ural faults identify system; Second, exploring primary concerned properties, show efiort can be conducted more focused systematic fashion. Third, im- plementation shows how efiectively applied complex system, i.e.,
ucdavis.edu 参考文章(25)
Radia Joy Perlman, Network layer protocols with byzantine robustness Massachusetts Institute of Technology. ,(1988)
Dorothy E. Denning, Cyberspace attacks and countermeasures Internet besieged. pp. 29- 55 ,(1997)
Y.F. Jou, F. Gong, C. Sargor, X. Wu, S.F. Wu, H.C. Chang, F. Wang, Design and implementation of a scalable intrusion detection system for the protection of network infrastructure darpa information survivability conference and exposition. ,vol. 2, pp. 69- 83 ,(2000) , 10.1109/DISCEX.2000.821510
K. Mani Chandy, Parallel Program Design: A Foundation ,(1988)
Feiyi Wang, Fengmin Gong, Felix S Wu, Ravindar Narayan, Intrusion detection for link state routing protocol through integrated network management international conference on computer communications and networks. pp. 634- 639 ,(1999) , 10.1109/ICCCN.1999.805585
Teresa F. Lunt, A survey of intrusion detection techniques Computers & Security. ,vol. 12, pp. 405- 418 ,(1993) , 10.1016/0167-4048(93)90029-5
Nancy A. Lynch, Mark R. Tuttle, Hierarchical correctness proofs for distributed algorithms Proceedings of the sixth annual ACM Symposium on Principles of distributed computing - PODC '87. pp. 137- 151 ,(1987) , 10.1145/41840.41852
Kenneth J. Perry, Sam Toueg, Distributed agreement in the presence of processor and communication faults IEEE Transactions on Software Engineering. ,vol. 12, pp. 477- 482 ,(1986) , 10.1109/TSE.1986.6312888
A. Udaya Shankar, An introduction to assertional reasoning for concurrent systems ACM Computing Surveys. ,vol. 25, pp. 225- 262 ,(1993) , 10.1145/158439.158441
J.H. Saltzer, M.D. Schroeder, The protection of information in computer systems Proceedings of the IEEE. ,vol. 63, pp. 1278- 1308 ,(1975) , 10.1109/PROC.1975.9939