%0 Conference Paper %1 Vetter97 %A Vetter, B. %A Wang, F. %A Wu, S.F. %B Network Protocols, 1997. Proceedings., 1997 International Conference on %D 1997 %K Internet OSPF_routing_protocol OSPF_routing_testbed management_protocols max_sequence_number_attack network_infrastructure network_routing router_products security_intrusions security_of_data protocol transport network routing telecommunication %P 293 -300 %R 10.1109/ICNP.1997.643735 %T An experimental study of insider attacks for OSPF routing protocol %X It is critical to protect the network infrastructure (e.g., network routing and management protocols) against security intrusions, yet dealing with insider attacks are probably one of the most challenging research problems in network security. We study the security threats, especially internal/insider threats, for the standardized routing protocol OSPF. In OSPF, a group of routers collaborate, exchange routing information, and forward packets for each other. If one (and maybe more than one) router is evil or compromised, how can this router damage the whole network? In this paper, we analyze OSPF and identify its strengths and weakness under various insider attacks. Furthermore, to confirm our analysis, we have implemented and experimented one attack, the max sequence number attack, on our OSPF routing testbed. Our attack is very successful against two independently developed router products as it will block routing updates for 60 minutes by simply injecting one bad OSPF protocol data unit

@inproceedings{Vetter97, abstract = {It is critical to protect the network infrastructure (e.g., network routing and management protocols) against security intrusions, yet dealing with insider attacks are probably one of the most challenging research problems in network security. We study the security threats, especially internal/insider threats, for the standardized routing protocol OSPF. In OSPF, a group of routers collaborate, exchange routing information, and forward packets for each other. If one (and maybe more than one) router is evil or compromised, how can this router damage the whole network? In this paper, we analyze OSPF and identify its strengths and weakness under various insider attacks. Furthermore, to confirm our analysis, we have implemented and experimented one attack, the max sequence number attack, on our OSPF routing testbed. Our attack is very successful against two independently developed router products as it will block routing updates for 60 minutes by simply injecting one bad OSPF protocol data unit}, added-at = {2011-07-15T15:18:02.000+0200}, author = {Vetter, B. and Wang, F. and Wu, S.F.}, biburl = {https://www.bibsonomy.org/bibtex/216572150fdaa2c6ac4aedc03c677498e/msteele}, booktitle = {Network Protocols, 1997. Proceedings., 1997 International Conference on}, doi = {10.1109/ICNP.1997.643735}, file = {:I\:\\My Documents\\Thesis\\Research\\Vetter97.pdf:PDF}, interhash = {e98b87dd17a371e601fcc4636298dee2}, intrahash = {16572150fdaa2c6ac4aedc03c677498e}, issn = {1092-1648}, keywords = {Internet OSPF_routing_protocol OSPF_routing_testbed management_protocols max_sequence_number_attack network_infrastructure network_routing router_products security_intrusions security_of_data protocol transport network routing telecommunication}, month = oct, owner = {msteele}, pages = {293 -300}, review = {Provides a discussion of attacks against the OSPF routing protocol.}, timestamp = {2011-07-15T19:57:06.000+0200}, title = {{An experimental study of insider attacks for OSPF routing protocol}}, year = 1997 }