Recovering from Intrusions in the OSPF Data-plane

In this paper, we propose CONS-ROUTE, a data-plane intrusion recoverymechanism for securing the OSPF routing protocol. CONS-ROUTE allows
routers to perform intrusion detection in a distributed manner. The intrusion
detection outcome can be used globally to reevaluate routing decisions in a
way that is resilient to the slandering attack, where a malicious router claims
that a legitimate router is misbehaving. We evaluate CONS-ROUTE through
simulation and compare it with several simple OSPF data plane resilience
techniques.