| OSPF协议脆弱性分析与检测系统的设计和实现 |
| |
| 引用本文: | 覃遵颖,李国栋,李卫,黄旭昌. OSPF协议脆弱性分析与检测系统的设计和实现[J]. 通信学报, 2013, 34(Z2): 12-63. DOI: 10.3969/j.issn.1000-436x.2013.Z2.012 |
| |
| 作者姓名: | 覃遵颖 李国栋 李卫 黄旭昌 |
| |
| 作者单位: | 1. 西安交通大学 网络中心,陕西 西安 710049;2. 西安交通大学 电子与信息工程学院,陕西 西安 710049;3. 通讯网信息传输与分发技术重点实验室,河北 石家庄 050081 |
| |
| 基金项目: | 通信网信息传输与分发技术重点实验室开放课题基金资助项目(ITD-U11001) |
| |
| 摘 要: | 在分析和研究OSPF协议脆弱性的基础上,设计实现了一个通用的、多模式的OSPF协议脆弱性检测系统,包括了使用伪造实体路由器方法实现拒绝服务攻击模型和使用零拷贝技术实现中间人攻击模型,并采用SNMP和旁路监听相结合的方法实现了检测结果的实时监控。最后,在测试环境中对不同种类的路由设备进行了脆弱性验证,并对脆弱性的危害进行了定量的分析。
|
| 关 键 词: | OSPF;LSA;脆弱性攻击模型;路由攻击;脆弱性检测 |
| 收稿时间: | 2013-09-06 |
Design and implementation of OSPF vulnerabilityanalysis and detection system |
| |
| Zun-ying QIN,Guo-dong LI,Wei LI,Xu-chang HUANG. Design and implementation of OSPF vulnerabilityanalysis and detection system[J]. Journal on Communications, 2013, 34(Z2): 12-63. DOI: 10.3969/j.issn.1000-436x.2013.Z2.012 |
| |
| Authors: | Zun-ying QIN Guo-dong LI Wei LI Xu-chang HUANG |
| |
| Affiliation: | 1. Center of Network,Xi’an Jiaotong University,Xi’an 710049,China;2. School of Electronic and Information Engineering,Xi’an Jiaotong University,Xi’an 710049,China;3. Science and Technology on Information Transmission and Dissemination in Communication Networks Laboratory,Shijiazhuang 050081,China |
| |
| Abstract: | A universal and multi-mode OSPF vulnerability detection system was designed based on analysis and research of OSPF vulnerability. The system implements denial of service attack model with the method of forging entity router and man-in-middle attack model with zero-copy technology. The method combining SNMP and bypass monitoring was adopted to achieve real-time monitoring of test results. Finally, the system proves the vulnerability of different types of routing equipments in the test environment and the vulnerability hazards were analyzed quantitatively. |
| |
| Keywords: | OSPF LSA vulnerability attack model routing attack vulnerability detection |
|
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
