Title :
An experimental study of insider attacks for OSPF routing protocol
Author :
Vetter, Brain ; Wang, Feiyi ; Wu, S. Felix
Author_Institution :
Dept. of Comput. Sci., North Carolina State Univ., Raleigh, NC, USA
Abstract :
It is critical to protect the network infrastructure (e.g., network routing and management protocols) against security intrusions, yet dealing with insider attacks are probably one of the most challenging research problems in network security. We study the security threats, especially internal/insider threats, for the standardized routing protocol OSPF. In OSPF, a group of routers collaborate, exchange routing information, and forward packets for each other. If one (and maybe more than one) router is evil or compromised, how can this router damage the whole network? In this paper, we analyze OSPF and identify its strengths and weakness under various insider attacks. Furthermore, to confirm our analysis, we have implemented and experimented one attack, the max sequence number attack, on our OSPF routing testbed. Our attack is very successful against two independently developed router products as it will block routing updates for 60 minutes by simply injecting one bad OSPF protocol data unit
Keywords :
Internet; security of data; telecommunication network routing; transport protocols; OSPF routing protocol; OSPF routing testbed; management protocols; max sequence number attack; network infrastructure; network routing; router products; security intrusions; Collaboration; Computer network management; Computer science; Computer security; Forward contracts; IP networks; Information security; Protection; Routing protocols; Testing;
Conference_Titel :
Network Protocols, 1997. Proceedings., 1997 International Conference on
Conference_Location :
Atlanta, GA
Print_ISBN :
0-8186-8061-X
DOI :
10.1109/ICNP.1997.643735
