research-article

Verification of OSPF vulnerabilities by colored Petri net

Authors:

Saeid Tizpaz Niari,

Amir Hossein JahangirAuthors Info & Claims

SIN '13: Proceedings of the 6th International Conference on Security of Information and Networks

Pages 102 - 109

https://doi.org/10.1145/2523514.2523532

Published: 26 November 2013 Publication History

Abstract

Routers and routing protocols are critical parts of a network infrastructure. OSPF is one of the most important routing protocols, and therefore its vulnerabilities can be very destructive. This makes its security analysis critical. There are many reported and potential vulnerabilities in OSPF protocol. Considering the complexity and the ambiguity of its description in RFC 2328, it is very valuable to design a formal model of the protocol and analyze the vulnerabilities of its critical parts. In this paper, some challenging parts of OSPF protocol along with attack scenarios are modeled by means of Colored Petri Net in CPN Tools environment. Then, the reported vulnerabilities are analyzed by a behavioral property of Petri net, and the existence of the vulnerabilities is verified by the property checking. Moreover, a new potential vulnerability is presented and verified by both formal and experimental methods.

References

[1]

J. Moy. OSPF Version 2. RFC 2328 (INTERNET STANDARD), Apr 1998.

[2]

W. Feiyi and W. Felix. On the Vulnerabilities and Protection of OSPF Routing Protocol. In Proceedings of 7th International Conference on Computer Communications and Networks, pages 148--152, Louisiana, USA, 1998.

Digital Library

[3]

F. Wang. Vulnerability Analysis, Intrusion Prevention and Detection for Link State Routing Protocols. PhD thesis, North Carolina State University, Raleigh, NC, 2000.

Digital Library

[4]

M. Tadao. Petri nets: Properties, Analysis and Applications. Proceedings of the IEEE, 77(4): 541--580, 1989.

[5]

K. Jensen and L. M. Kristensen. Coloured Petri Nets - Modelling and Validation of Concurrent Systems. Springer, 2009.

Digital Library

[6]

CPN Tools Home Page. http://www.cpntools.org/.

[7]

J. Kurt, K. Lars Michael, and W. Lisa. Coloured Petri Nets and CPN Tools for modelling and validation of concurrent systems. International Journal on Software Tools for Technology Transfer, 9(3--4): 213--254, 2007.

Digital Library

[8]

K. Ishiguro. Quagga, a Routing Software Package for TCP/IP Networks. Technical report, Quagga Development Team, http://www.nongnu.org/quagga/, 2012.

[9]

P. Biondi. Scapy: Explore the Net with New Eyes. Technical report, EADS Corporate Research Center, http://www.secdev.org, 2005.

[10]

D. Obradovic. Formal Analysis of Routing Protocols. PhD thesis, University of Pennsylvania, Pennsylvania USA, 2000.

Digital Library

[11]

M. Saif Ur Rehman, S. Sudarshan K, K. Samee U, and W. Lizhe. A Methodology for OSPF Routing Protocol Verification. In 12th International Conference on Scalable Computing and Communications (ScalCom), China, 2012.

[12]

A. Salah and K. Mustafa. Protocol Verification and Analysis using Colored Petri Nets. Technical report, DePaul University, Chicago USA, 2004.

[13]

V. Brain, W. Feiyi, and W. S. Felix. An Experimental Study of Insider Attacks for OSPF Routing Protocol. In Proceedings of International Conference on Network Protocols, pages 293--300, Atlanta, USA, 1997.

Digital Library

[14]

G. Nakibly, A. Kirshon, D. Gonikman, and D. Boneh. Persistent OSPF Attacks. In Proceedings of the 19th Annual Network and Distributed System Security Symposium, San Diego, California, Feb 2012.

[15]

S. Murphy, M. Badger, and B. Wellington. OSPF with Digital Signatures. RFC 2154, Jun 1997.

Digital Library

Cited By

Kontsek MSegec PMoravcik MPapan J(2019)Approaches and tools for network protocol modeling2019 17th International Conference on Emerging eLearning Technologies and Applications (ICETA)10.1109/ICETA48886.2019.9040063(419-424)Online publication date: Nov-2019
https://doi.org/10.1109/ICETA48886.2019.9040063

Index Terms

Verification of OSPF vulnerabilities by colored Petri net

Recommendations

An experimental study of insider attacks for OSPF routing protocol
ICNP '97: Proceedings of the 1997 International Conference on Network Protocols (ICNP '97)

It is critical to protect the network infrastructure (e.g., network routing and management protocols) against security intrusions, yet dealing with insider attacks are probably one of the most challenging research problems in network security. We study ...
Research of BPEL Modeling Technique Based on Colored Petri Net
ETCS '11: Proceedings of the 2011 Third International Workshop on Education Technology and Computer Science - Volume 01

Web Services Business Process Execution Language (BPEL) modeling technique based on colored Petri net is proposed in this paper. Introduce a BPEL modeling principle based on colored Petri net, and a method of generating BPEL code from the colored Petri ...
Research of System Modeling and Verification Method Combine with UML Formalization Analysis and Colored Petri Net
IITA '09: Proceedings of the 2009 Third International Symposium on Intelligent Information Technology Application - Volume 03

Because of complexity of CTCS-3 train control system, interworking testing and function evaluation could not be operated directly on the system, which means that deep research on modeling and simulation of train operation control system should be ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

SIN '13: Proceedings of the 6th International Conference on Security of Information and Networks

November 2013

483 pages

ISBN:9781450324984

DOI:10.1145/2523514

General Chairs:
Atilla Elçi
Aksaray University, Turkey
,
Manoj Singh Gaur
Malaviya National Institute of Technology, India
,
Mehmet A. Orgun
Macquarie University, Australia
,
Oleg B. Makarevich
Southern Federal University, Russia

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Macquarie U., Austarlia
MNIT: Malaviya National Institute of Technology
Aksaray Univ.: Aksaray University
SFedU: Southern Federal University

In-Cooperation

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 26 November 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SIN '13

Sponsor:

MNIT
Aksaray Univ.
SFedU

SIN '13: The 6th International Conference on Security of Information and Networks

November 26 - 28, 2013

Aksaray, Turkey

Acceptance Rates

Overall Acceptance Rate 102 of 289 submissions, 35%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
291
Total Downloads

Downloads (Last 12 months)12
Downloads (Last 6 weeks)0

Reflects downloads up to 16 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Kontsek MSegec PMoravcik MPapan J(2019)Approaches and tools for network protocol modeling2019 17th International Conference on Emerging eLearning Technologies and Applications (ICETA)10.1109/ICETA48886.2019.9040063(419-424)Online publication date: Nov-2019
https://doi.org/10.1109/ICETA48886.2019.9040063

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents