计算机科学 ›› 2019, Vol. 46 ›› Issue (6A): 343-347.
李鹏飞, 陈鸣, 邓理, 钱红燕
LI Peng-fei, CHEN Ming, DENG Li, QIAN Hong-yan
摘要: OSPF协议是因特网中使用最广泛和最成功的内部网关路由协议之一。尽管当前对OSPF协议的安全性已有许多研究,但仍缺乏有效的检测路由欺骗攻击的方法,难以保证网络中OSPF路由的安全性。通过研究OSPF双链路状态通告(LSA)攻击方法的原理,给出了用于确定攻击者的3个必要条件,提出了一种检测OSPF双LSA攻击的方法。基于网络功能虚拟化(NFV)技术,设计实现了检测中间盒与分析服务器用于检测攻击与消除路由污染。检测中间盒负责从各链路捕获相关OSPF分组,将trace记录发送给分析服务器;分析服务器调用检测算法分析处理接收到的trace记录流,若检测到攻击则告警,同时指令检测中间盒来恢复污染路由。原型系统的实验结果表明,所提方法能够在IP网络或NFV网络中准确高效地检测出OSPF双LSA攻击,并且实现的系统具有性价比高、易于部署等优良特点。
中图分类号:
[1]JIN L,XIE L.Internet network security [J].Computer Engineering And Design,2003,24(2):19-22. [2]MOY J.OSPF version 2.RFC 2328 [S].Fremont,CA:IETF,1998. [3]MOY J T.OSPF:Anatomy of an Internet routing protocol[J].IEEE Network,1998,12(6):4. [4]JAYAKUMAR M,REKHA N R S,BHARATHI B.A comparative study on RIP and OSPF protocols[C]∥Proceedings of International Conference on Innovations in Information,Embedded and Communication Systems.NJ:IEEE,2015:1-5. [5]NAKIBLY G,KIRSHON A,GONIKMAN D,et al.Persistent OSPF attacks [C]∥Proceedings of the 19th Annual Network and Distributed System Security Symposium.San Diego:Internet Society,2012. [6]JONES E,LE MOIGNE O.OSPF Security Vulnerabilities Analysis [S].2006. [7]NAKIBLY G,KIRSHON A,GONIKMAN D,et al.Owning the Routing Table-New OSPF Attacks[C]∥Proceedings of Black Hat .USA:Black Hat,2011. [8]夏云峰.基于OSPF路由协议的路由欺骗分析[D].南京:东南大学,2014. [9]SONG Y,GAO S,HU A,et al.Novel attacks in OSPF networks to poison routing table[C]∥ICC 2017-2017 IEEE International Conference on Communications.IEEE,2017:1-6. [10]KASAMSUWAN P,VISOOTTIVISETH V.OSV:OSPF vulnerability checking tool[C]∥Proceedings of International Joint Conference on Computer Science and Software Engineering.NJ:IEEE,2017:1-6. [11]WANG M H.The Security Analysis and Attacks Detection of OSPF Routing Protocol[C]∥Proceedings of International Conference on Intelligent Computation Technology and Automation.NJ:IEEE,2015:836-839. [12]MIJUMBI R,SERRAT J,GORRICHO J L,et al.Network Function Virtualization:State-of-the-art and Research Challenges[J].IEEE Communications Surveys & Tutorials,2017,18(1):236-262. [13]MICHALSKI M,CIESLAK K,POLAK M.The system for large networks emulation with OSPF/BGP routers based on LXC[C]∥IEEE,International Conference on High PERFORMANCE Switching and Routing.IEEE,2016:1-4. [14]BEMSTEIN D.Containers and Cloud:From LXC to Docker to Kubernetes[J].IEEE Cloud Computing,2015,1(3):81-84. [15]JAKMA P,LAMPARTER D.Introduction to the quagga routing suite[J].IEEE Network,2014,28(2):42-48. [16]DUMITRACHE C G,PREDUSCA G,CIRCIUMARESCU L D,et al.Comparative study of RIP,OSPF and EIGRPprotocols using Cisco Packet Tracer[C]∥Proceedings of International Symposium on Electrical and Electronics Engineering.NJ:IEEE,2017:1-6. |
[1] | 柳杰灵, 凌晓波, 张蕾, 王博, 王之梁, 李子木, 张辉, 杨家海, 吴程楠. 基于战术关联的网络安全风险评估框架 Network Security Risk Assessment Framework Based on Tactical Correlation 计算机科学, 2022, 49(9): 306-311. https://doi.org/10.11896/jsjkx.210600171 |
[2] | 王磊, 李晓宇. 基于随机洋葱路由的LBS移动隐私保护方案 LBS Mobile Privacy Protection Scheme Based on Random Onion Routing 计算机科学, 2022, 49(9): 347-354. https://doi.org/10.11896/jsjkx.210800077 |
[3] | 陈晶, 吴玲玲. 多源异构环境下的车联网大数据混合属性特征检测方法 Mixed Attribute Feature Detection Method of Internet of Vehicles Big Datain Multi-source Heterogeneous Environment 计算机科学, 2022, 49(8): 108-112. https://doi.org/10.11896/jsjkx.220300273 |
[4] | 赵冬梅, 吴亚星, 张红斌. 基于IPSO-BiLSTM的网络安全态势预测 Network Security Situation Prediction Based on IPSO-BiLSTM 计算机科学, 2022, 49(7): 357-362. https://doi.org/10.11896/jsjkx.210900103 |
[5] | 陶礼靖, 邱菡, 朱俊虎, 李航天. 面向网络安全训练评估的受训者行为描述模型 Model for the Description of Trainee Behavior for Cyber Security Exercises Assessment 计算机科学, 2022, 49(6A): 480-484. https://doi.org/10.11896/jsjkx.210800048 |
[6] | 杜鸿毅, 杨华, 刘艳红, 杨鸿鹏. 基于网络媒体的非线性动力学信息传播模型 Nonlinear Dynamics Information Dissemination Model Based on Network Media 计算机科学, 2022, 49(6A): 280-284. https://doi.org/10.11896/jsjkx.210500043 |
[7] | 邓凯, 杨频, 李益洲, 杨星, 曾凡瑞, 张振毓. 一种可快速迁移的领域知识图谱构建方法 Fast and Transmissible Domain Knowledge Graph Construction Method 计算机科学, 2022, 49(6A): 100-108. https://doi.org/10.11896/jsjkx.210900018 |
[8] | 吕鹏鹏, 王少影, 周文芳, 连阳阳, 高丽芳. 基于进化神经网络的电力信息网安全态势量化方法 Quantitative Method of Power Information Network Security Situation Based on Evolutionary Neural Network 计算机科学, 2022, 49(6A): 588-593. https://doi.org/10.11896/jsjkx.210200151 |
[9] | 张师鹏, 李永忠. 基于降噪自编码器和三支决策的入侵检测方法 Intrusion Detection Method Based on Denoising Autoencoder and Three-way Decisions 计算机科学, 2021, 48(9): 345-351. https://doi.org/10.11896/jsjkx.200500059 |
[10] | 周仕承, 刘京菊, 钟晓峰, 卢灿举. 基于深度强化学习的智能化渗透测试路径发现 Intelligent Penetration Testing Path Discovery Based on Deep Reinforcement Learning 计算机科学, 2021, 48(7): 40-46. https://doi.org/10.11896/jsjkx.210400057 |
[11] | 李贝贝, 宋佳芮, 杜卿芸, 何俊江. DRL-IDS:基于深度强化学习的工业物联网入侵检测系统 DRL-IDS:Deep Reinforcement Learning Based Intrusion Detection System for Industrial Internet of Things 计算机科学, 2021, 48(7): 47-54. https://doi.org/10.11896/jsjkx.210400021 |
[12] | 陈海彪, 黄声勇, 蔡洁锐. 一个基于智能电网的跨层路由的信任评估协议 Trust Evaluation Protocol for Cross-layer Routing Based on Smart Grid 计算机科学, 2021, 48(6A): 491-497. https://doi.org/10.11896/jsjkx.201000169 |
[13] | 王金恒, 单志龙, 谭汉松, 王煜林. 基于遗传优化PNN神经网络的网络安全态势评估 Network Security Situation Assessment Based on Genetic Optimized PNN Neural Network 计算机科学, 2021, 48(6): 338-342. https://doi.org/10.11896/jsjkx.201200239 |
[14] | 张凯, 刘京菊. 基于吸收Markov链的网络入侵路径分析方法 Attack Path Analysis Method Based on Absorbing Markov Chain 计算机科学, 2021, 48(5): 294-300. https://doi.org/10.11896/jsjkx.200700108 |
[15] | 陈明豪, 祝跃飞, 芦斌, 翟懿, 李玎. 基于Attention-CNN的加密流量应用类型识别 Classification of Application Type of Encrypted Traffic Based on Attention-CNN 计算机科学, 2021, 48(4): 325-332. https://doi.org/10.11896/jsjkx.200900155 |
|