Deakin University
Browse

File(s) under permanent embargo

Identifying OSPF LSA falsification attacks through non-linear analysis

Version 2 2024-06-05, 01:55
Version 1 2020-02-24, 08:46
journal contribution
posted on 2024-06-05, 01:55 authored by B Al-Musawi, P Branch, MF Hassan, Shiva PokhrelShiva Pokhrel
Open Shortest Path First (OSPF) is one of the most widely used intra-domain routing protocols. Unfortunately, it has many serious security issues. Falsification over OSPF is one of the most critical vulnerabilities that can cause routing loops and a black hole. In this paper, we introduce a novel approach by using a technique from non-linear statistical analysis to identify OSPF attacks. Firstly, we evaluate the capability of the non-linear technique to identify OSPF attacks using a controlled testbed where we introduce different types of LSA falsifications. Secondly, we evaluate our approach to detect different types of OSPF attacks using OSPF traffic associated with a single OSPF router and OSPF traffic associated with a set of OSPF routers. In both cases, our approach can detect anomalous behaviour quickly. Finally, we use various successful machine learning classifiers to analyze the outputs obtained from the non-linear analysis and calibrate their suitability in discovering such anomalies.

History

Journal

Computer Networks

Volume

167

Article number

ARTN 107031

Pagination

1 - 13

Location

Amsterdam, The Netherlands

ISSN

1389-1286

eISSN

1872-7069

Language

English

Publication classification

C1 Refereed article in a scholarly journal

Publisher

ELSEVIER