Computer Science ›› 2019, Vol. 46 ›› Issue (6A): 343-347.

• Information Security • Previous Articles     Next Articles

NFV Based Detection Method Against Double LSAs Attack on OSPF Protocol

LI Peng-fei, CHEN Ming, DENG Li, QIAN Hong-yan   

  1. Department of Computer Science and Technology,Nanjing University of Aeronautics and Astronautics,Nanjing 211106,China
  • Online:2019-06-14 Published:2019-07-02

Abstract: The OSPF protocol is one of the most widely used and successful interior gateway routing protocols in the Internet.Although there have been lots of investigations on the security of the OSPF protocol,there is still a lack of effective detection methods against the route spoofing attacks,so it is difficult to ensure the security of the OSPF routing in networks.By studying the principle of the double link state advertisements (LSAs) attack on the OSPF protocol,this paper presented three necessary conditions that are used to detect the attack,and proposed a detection method against the double LSAs attack on the OSPF protocol.Then,a corresponding detection middle box and analysis server used to detect attacks and clear up their routing pollution were designed and implemented based on the network function virtualization (NFV) technology.The detection middle box is responsible for capturing relevant OSPF packets from various links,sending the trace records to the analysis server,and receiving instructions from the analysis server to restore the polluted routes.The analysis server invokes the detection algorithm to analyze and process the trace record stream,and an alarm is given and an instruction is sent to the detection middle box to restore the contaminated routes if an attack is detected.The experimental results of the prototype show that the proposed method can detect the OSPF double LSAs attack in both IP networks or NFV networks accurately and efficiently,and the prototype has excellent characteristics such as high cost performance and easy to deploy.

Key words: Detection method, Network function virtualization, Network security, OSPF, Routing protocol attack

CLC Number: 

  • TP393
[1]JIN L,XIE L.Internet network security [J].Computer Engineering And Design,2003,24(2):19-22.
[2]MOY J.OSPF version 2.RFC 2328 [S].Fremont,CA:IETF,1998.
[3]MOY J T.OSPF:Anatomy of an Internet routing protocol[J].IEEE Network,1998,12(6):4.
[4]JAYAKUMAR M,REKHA N R S,BHARATHI B.A comparative study on RIP and OSPF protocols[C]∥Proceedings of International Conference on Innovations in Information,Embedded and Communication Systems.NJ:IEEE,2015:1-5.
[5]NAKIBLY G,KIRSHON A,GONIKMAN D,et al.Persistent OSPF attacks [C]∥Proceedings of the 19th Annual Network and Distributed System Security Symposium.San Diego:Internet Society,2012.
[6]JONES E,LE MOIGNE O.OSPF Security Vulnerabilities Analysis [S].2006.
[7]NAKIBLY G,KIRSHON A,GONIKMAN D,et al.Owning the Routing Table-New OSPF Attacks[C]∥Proceedings of Black Hat .USA:Black Hat,2011.
[8]夏云峰.基于OSPF路由协议的路由欺骗分析[D].南京:东南大学,2014.
[9]SONG Y,GAO S,HU A,et al.Novel attacks in OSPF networks to poison routing table[C]∥ICC 2017-2017 IEEE International Conference on Communications.IEEE,2017:1-6.
[10]KASAMSUWAN P,VISOOTTIVISETH V.OSV:OSPF vulnerability checking tool[C]∥Proceedings of International Joint Conference on Computer Science and Software Engineering.NJ:IEEE,2017:1-6.
[11]WANG M H.The Security Analysis and Attacks Detection of OSPF Routing Protocol[C]∥Proceedings of International Conference on Intelligent Computation Technology and Automation.NJ:IEEE,2015:836-839.
[12]MIJUMBI R,SERRAT J,GORRICHO J L,et al.Network Function Virtualization:State-of-the-art and Research Challenges[J].IEEE Communications Surveys & Tutorials,2017,18(1):236-262.
[13]MICHALSKI M,CIESLAK K,POLAK M.The system for large networks emulation with OSPF/BGP routers based on LXC[C]∥IEEE,International Conference on High PERFORMANCE Switching and Routing.IEEE,2016:1-4.
[14]BEMSTEIN D.Containers and Cloud:From LXC to Docker to Kubernetes[J].IEEE Cloud Computing,2015,1(3):81-84.
[15]JAKMA P,LAMPARTER D.Introduction to the quagga routing suite[J].IEEE Network,2014,28(2):42-48.
[16]DUMITRACHE C G,PREDUSCA G,CIRCIUMARESCU L D,et al.Comparative study of RIP,OSPF and EIGRPprotocols using Cisco Packet Tracer[C]∥Proceedings of International Symposium on Electrical and Electronics Engineering.NJ:IEEE,2017:1-6.
[1] LIU Jie-ling, LING Xiao-bo, ZHANG Lei, WANG Bo, WANG Zhi-liang, LI Zi-mu, ZHANG Hui, YANG Jia-hai, WU Cheng-nan. Network Security Risk Assessment Framework Based on Tactical Correlation [J]. Computer Science, 2022, 49(9): 306-311.
[2] CHEN Jing, WU Ling-ling. Mixed Attribute Feature Detection Method of Internet of Vehicles Big Datain Multi-source Heterogeneous Environment [J]. Computer Science, 2022, 49(8): 108-112.
[3] ZHAO Dong-mei, WU Ya-xing, ZHANG Hong-bin. Network Security Situation Prediction Based on IPSO-BiLSTM [J]. Computer Science, 2022, 49(7): 357-362.
[4] DU Hong-yi, YANG Hua, LIU Yan-hong, YANG Hong-peng. Nonlinear Dynamics Information Dissemination Model Based on Network Media [J]. Computer Science, 2022, 49(6A): 280-284.
[5] DENG Kai, YANG Pin, LI Yi-zhou, YANG Xing, ZENG Fan-rui, ZHANG Zhen-yu. Fast and Transmissible Domain Knowledge Graph Construction Method [J]. Computer Science, 2022, 49(6A): 100-108.
[6] LYU Peng-peng, WANG Shao-ying, ZHOU Wen-fang, LIAN Yang-yang, GAO Li-fang. Quantitative Method of Power Information Network Security Situation Based on Evolutionary Neural Network [J]. Computer Science, 2022, 49(6A): 588-593.
[7] ZHANG Shi-peng, LI Yong-zhong. Intrusion Detection Method Based on Denoising Autoencoder and Three-way Decisions [J]. Computer Science, 2021, 48(9): 345-351.
[8] CHEN Hai-biao, HUANG Sheng-yong, CAI Jie-rui. Trust Evaluation Protocol for Cross-layer Routing Based on Smart Grid [J]. Computer Science, 2021, 48(6A): 491-497.
[9] WANG Jin-heng, SHAN Zhi-long, TAN Han-song, WANG Yu-lin. Network Security Situation Assessment Based on Genetic Optimized PNN Neural Network [J]. Computer Science, 2021, 48(6): 338-342.
[10] ZHANG Kai, LIU Jing-ju. Attack Path Analysis Method Based on Absorbing Markov Chain [J]. Computer Science, 2021, 48(5): 294-300.
[11] LIU Quan-ming, LI Yin-nan, GUO Ting, LI Yan-wei. Intrusion Detection Method Based on Borderline-SMOTE and Double Attention [J]. Computer Science, 2021, 48(3): 327-332.
[12] WANG Yu-chen, QI Wen-hui, XU Li-zhen. Security Cooperation of UAV Swarm Based on Blockchain [J]. Computer Science, 2021, 48(11A): 528-532.
[13] MA Lin, WANG Yun-xiao, ZHAO Li-na, HAN Xing-wang, NI Jin-chao, ZHANG Jie. Network Intrusion Detection System Based on Multi-model Ensemble [J]. Computer Science, 2021, 48(11A): 592-596.
[14] JIANG Jian-feng, SUN Jin-xia, YOU Lan-tao. Security Clustering Strategy Based on Particle Swarm Optimization Algorithm in Wireless Sensor Network [J]. Computer Science, 2021, 48(11A): 452-455.
[15] SU Chang, ZHANG Ding-quan, XIE Xian-zhong, TAN Ya. NFV Memory Resource Management in 5G Communication Network [J]. Computer Science, 2020, 47(9): 246-251.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!