Recovering from Intrusions in the OSPF Data-plane

TitleRecovering from Intrusions in the OSPF Data-plane
Publication TypeReports
Year of Publication2005
AuthorsElaine Shi, Lu Y, Reid M
Series TitleSelected Project Reports, Spring 2005 Advanced OS & Distributed Systems (15-712)
Date Published2005
InstitutionSchool of Computer Science, Carnegie Mellon University

In this paper, we propose CONS-ROUTE, a data-plane intrusion recoverymechanism for securing the OSPF routing protocol. CONS-ROUTE allows
routers to perform intrusion detection in a distributed manner. The intrusion
detection outcome can be used globally to reevaluate routing decisions in a
way that is resilient to the slandering attack, where a malicious router claims
that a legitimate router is misbehaving. We evaluate CONS-ROUTE through
simulation and compare it with several simple OSPF data plane resilience