
Vulnerability analysis, intrusion prevention and detection for link state routing protocols.


Abstract

The objective of this dissertation is to study the vulnerabilities of link state routing protocols and to design and implement new approaches for intrusion prevention and detection. As one of the cornerstones of network infrastructure, routing systems are facing more threats than ever: they are vulnerable by nature and challenging to protect. Drawing upon working results from two DARPA research projects, JiNao (Scalable Intrusion Detection for the Emerging Network Infrastructure) and GIANT (Global Intrusion Assessment Through Distributed Decision Making), the dissertation makes the following contributions. First, it systematically analyzes the vulnerabilities of link state routing protocols from the design, implementation, environment, and configuration aspects, making comparisons with other, distance-vector-based protocols when necessary and discovering potential attack points. The vulnerability analysis establishes foundations for prevention and intrusion detection. Second, it describes the design and implementation of wrapper-based active protection for routing protocols, which is most suitable for preventing known vulnerabilities and provides an architectural advantage to legacy systems. Third, it describes an integrated network management (INM) based intrusion detection method. The integration of the management and control planes will enlarge the scope of available information and enable more effective intrusion detection. Three insider attacks have been developed to evaluate its effectiveness and detection capability. Fourth, it describes a new property-oriented detection (POD) algorithm that differs from traditional signature-based or profile-based intrusion detection paradigms in that it utilizes functional properties and correlates the history and future to validate link state database changes. By exploring the system properties of primary concern, we show that detection effort can be conducted in a more focused and systematic fashion.
