An experimental study of insider attacks for OSPF routing protocol

Author

Vetter, Brain ; Wang, Feiyi ; Wu, S. Felix

Author_Institution

Dept. of Comput. Sci., North Carolina State Univ., Raleigh, NC, USA

fYear

1997

fDate

28-31 Oct 1997

Firstpage

293

Lastpage

300

Abstract

It is critical to protect the network infrastructure (e.g., network routing and management protocols) against security intrusions, yet dealing with insider attacks are probably one of the most challenging research problems in network security. We study the security threats, especially internal/insider threats, for the standardized routing protocol OSPF. In OSPF, a group of routers collaborate, exchange routing information, and forward packets for each other. If one (and maybe more than one) router is evil or compromised, how can this router damage the whole network? In this paper, we analyze OSPF and identify its strengths and weakness under various insider attacks. Furthermore, to confirm our analysis, we have implemented and experimented one attack, the max sequence number attack, on our OSPF routing testbed. Our attack is very successful against two independently developed router products as it will block routing updates for 60 minutes by simply injecting one bad OSPF protocol data unit

Keywords

Internet; security of data; telecommunication network routing; transport protocols; OSPF routing protocol; OSPF routing testbed; management protocols; max sequence number attack; network infrastructure; network routing; router products; security intrusions; Collaboration; Computer network management; Computer science; Computer security; Forward contracts; IP networks; Information security; Protection; Routing protocols; Testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Network Protocols, 1997. Proceedings., 1997 International Conference on

Conference_Location

Atlanta, GA

ISSN

1092-1648

Print_ISBN

0-8186-8061-X

Type

conf

DOI

10.1109/ICNP.1997.643735

Filename

643735