Abstract
Open Shortest Path First (OSPF) is the most widely deployed interior gateway routing protocol on the Internet. We here present an approach to detect the attacks to which OSPF is vulnerable. As security feature, OSPF uses “fight-back” mechanism to detect false LSA flooded in network and take appropriate action. But few attacks have been proposed which bypass/overtake this mechanism to inject false LSA. And few attacks that are out of range of this mechanism. We will try to implement our approach to detect and mitigate these attacks. This approach is reactive so it may take small interval of time to detect and recover network from attack but is effective in doing so and securing the infrastructure.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Moy, J.: OSPF version 2: IETF RFC 2328 (April 1998)
Dijkstra, E.W.: A note on two problems in connexion with graphs. Numerische Mathematik 1, 269–271 (1959)
Nakibly, G., Boneh, D.: Persistent OSPF attacks. In: Proceedings of the 19th Annual Network & Distributed System Security Conference, NDSS 2012 (2012)
Wang, F., Felix Wu, S.: On the Vulnerabilities and Protection of OSPF Routing Protocol. U.S. Department of Defense Advanced Research Projects Agency (1998)
Jones, E., Moigne, O.L.: OSPF Security Vulnerabilities Analysis. Internet-Draft draft-ietf-rpsec-ospf-vuln-02, IETF (June 2006)
Mahajan, R., Spring, N., Wetherall, D., Anderson, T.: Inferring link weights using end-to-end measurements. In: ACM SIGCOMM Internet Measurement Workshop (IMW) (November 2002)
Wang, F., Vetter, B., Wu, S.F.: Secure Routing Protocols: Theory and Practice. Technical report. North Carolina State University (May 1997)
Ghourabi, A., Abbes, T., Bouhoula, A.: Honeypot Router for routing protocols protection. Department of Computer Science and Networks, 2083 Cité El Ghazala, Tunisia. IEEE (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sangroha, D., Gupta, V. (2014). Analyzer Router: An Approach to Detect and Recover from OSPF Attacks. In: Mauri, J.L., Thampi, S.M., Rawat, D.B., Jin, D. (eds) Security in Computing and Communications. SSCC 2014. Communications in Computer and Information Science, vol 467. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44966-0_36
Download citation
DOI: https://doi.org/10.1007/978-3-662-44966-0_36
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-44965-3
Online ISBN: 978-3-662-44966-0
eBook Packages: Computer ScienceComputer Science (R0)