Abstract
This paper presents the design, implementation, and experimentation of the JiNao intrusion detection system (IDS) which focuses on the protection of the network routing infrastructure. We used the open shortest path first (OSPF) routing protocol as an implementation example to illustrate our IDS design. However, the system architecture is generic enough that the JiNao IDS can be used for protecting other protocols. The system features attack prevention and intrusion detection with tightly integrated network management components. The prevention module functions like a firewall which consists of a small set of rules. Both misuse (protocol analysis) and anomaly (statistical based) approaches are implemented as detection mechanisms in order to handle both known and unknown attacks. Four OSPF attacks (i.e., MaxSeq, MaxAge, Seq++, and LSID attacks) have been developed for evaluating JiNao's detecting capability. Furthermore, an SNMP based network management interface has been designed and implemented such that the JiNao IDS can be easily integrated with existing network management systems.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
