Title :
Intrusion detection for link state routing protocol through integrated network management
Author :
Wang, Feiyi ; Gong, F. ; Wu, Felix S. ; Narayan, Ravi
Author_Institution :
Adv. Networking Res. Group, MCNC, Research Triangle Park, NC, USA
Abstract :
The JiNao IDS project focuses on detecting intrusions, especially insider attacks against link state routing protocols such as OSPF. One important feature of the JiNao system is its integrated network management (INM) capability. Through SNMP and distributed programming interface (DPI), we can manage and control distributed JiNao IDS remotely, interoperate with other JiNao systems to do correlation analysis, and utilize both private MIB and OSPF MIB as a complementary way of doing intrusion detection. This paper describes the design and implementation of JiNao´s INM architecture. Three OSPF insider attacks (maxseq, maxage, and seq++) have been developed to evaluate its effectiveness and detection capability
Keywords :
computer network management; distributed programming; open systems; protocols; security of data; software performance evaluation; telecommunication control; telecommunication network routing; telecommunication security; JiNao IDS project; MIB; OSPF; SNMP; correlation analysis; distributed programming interface; evaluation; insider attacks; integrated network management; interoperability; intrusion detection; link state routing protocol; maxage; maxseq; remote control; seq++; Authentication; Control systems; Convergence; Distributed control; Internet; Intrusion detection; Project management; Protection; Routing protocols; Security;
Conference_Titel :
Computer Communications and Networks, 1999. Proceedings. Eight International Conference on
Conference_Location :
Boston, MA
Print_ISBN :
0-7803-5794-9
DOI :
10.1109/ICCCN.1999.805585
