On the vulnerabilities and protection of OSPF routing protocol

This paper analyzes both the strong points and weak points of the OSPF routing protocol from the security perspective. On its strong points, we abstract its features of information least dependency and information hiding, which make it very robust and fault resilient, even when facing certain malicious attacks. On its weak points, we take a pragmatic look at various problems centering round secure routing protocols. By carefully investigating a special re-routing attacking case, we show how a home-made malicious router can easily disrupt the service. It also provides a concrete example for routing protection and intrusion detection. Finally, we present the active protection idea and its architectural flexibility and compatibility advantages.

[1]  John Moy,et al.  OSPF specification , 1989, Request for Comments.

[2]  John Moy,et al.  OSPF Version 2 , 1998, RFC.

[3]  Charles L. Hedrick,et al.  Routing Information Protocol , 1988, RFC.

[4]  Sandra L. Murphy,et al.  Digital signature protection of the OSPF routing protocol , 1996, Proceedings of Internet Society Symposium on Network and Distributed Systems Security.

[5]  J.J. Garcia-Luna-Aceves,et al.  Securing the border gateway routing protocol , 1996, Proceedings of GLOBECOM'96. 1996 IEEE Global Telecommunications Conference.

[6]  J. J. Garcia-Luna-Aceves,et al.  Securing distance-vector routing protocols , 1997, Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security.

[7]  Yakov Rekhter,et al.  A Border Gateway Protocol 4 (BGP-4) , 1994, RFC.

[8]  I. Richer,et al.  A Review of the Development and Performance of the ARPANET Routing Algorithm , 1978, IEEE Trans. Commun..

[9]  Shyhtsun Felix Wu,et al.  An experimental study of insider attacks for OSPF routing protocol , 1997, Proceedings 1997 International Conference on Network Protocols.

[10]  Eric C. Rosen,et al.  The New Routing Algorithm for the ARPANET , 1980, IEEE Trans. Commun..