Intrusion detection for link state routing protocol through integrated network management

Author

Wang, Feiyi ; Gong, F. ; Wu, Felix S. ; Narayan, Ravi

Author_Institution

Adv. Networking Res. Group, MCNC, Research Triangle Park, NC, USA

fYear

1999

fDate

1999

Firstpage

634

Lastpage

639

Abstract

The JiNao IDS project focuses on detecting intrusions, especially insider attacks against link state routing protocols such as OSPF. One important feature of the JiNao system is its integrated network management (INM) capability. Through SNMP and distributed programming interface (DPI), we can manage and control distributed JiNao IDS remotely, interoperate with other JiNao systems to do correlation analysis, and utilize both private MIB and OSPF MIB as a complementary way of doing intrusion detection. This paper describes the design and implementation of JiNao´s INM architecture. Three OSPF insider attacks (maxseq, maxage, and seq++) have been developed to evaluate its effectiveness and detection capability

Keywords

computer network management; distributed programming; open systems; protocols; security of data; software performance evaluation; telecommunication control; telecommunication network routing; telecommunication security; JiNao IDS project; MIB; OSPF; SNMP; correlation analysis; distributed programming interface; evaluation; insider attacks; integrated network management; interoperability; intrusion detection; link state routing protocol; maxage; maxseq; remote control; seq++; Authentication; Control systems; Convergence; Distributed control; Internet; Intrusion detection; Project management; Protection; Routing protocols; Security;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Communications and Networks, 1999. Proceedings. Eight International Conference on

Conference_Location

Boston, MA

ISSN

1095-2055

Print_ISBN

0-7803-5794-9

Type

conf

DOI

10.1109/ICCCN.1999.805585

Filename

805585