Sciweavers

ICNP
1998
IEEE

Statistical Anomaly Detection for Link-State Routing Protocols

14 years 4 months ago
Statistical Anomaly Detection for Link-State Routing Protocols
The JiNao project at MCNC/NCSU focuses on detecting intrusions, especially insider attacks, against OSPF (Open Shortest Path First) routing protocol. This paper presents the implementation and experiments of the JiNao's statistical intrusion detection module. Our implementation is based upon the algorithm developed in SRI's NIDES (Next-generation Intrusion Detection Expert System) project. Some modifications and improvements to NIDES/STAT are made for a more effective implementation in our environment. Also, three OSPF insider attacks (e.g., maxseq, maxage, and seq++ attacks) have been developed for evaluating the efficacy of detecting capability. The experiments were conducted on two different network routing testbeds. The results indicate that the proposed statisticalmechanism is very effective in detectingthese routing protocol attacks.
D. Qu, Brain Vetter, Feiyi Wang, R. Narayan, Shyht
Added 04 Aug 2010
Updated 04 Aug 2010
Type Conference
Year 1998
Where ICNP
Authors D. Qu, Brain Vetter, Feiyi Wang, R. Narayan, Shyhtsun Felix Wu, Y. Frank Jou, Fengmin Gong, C. Sargor
Comments (0)