Identifying OSPF Anomalies Using Recurrence Quantification Analysis
Bahaa Al-Musawi, Philip Branch
TL;DR
This paper explores the use of Recurrence Quantification Analysis (RQA), a nonlinear statistical method, to detect OSPF routing protocol anomalies like LSA falsification and hardware failures rapidly and effectively.
Contribution
It demonstrates the application of RQA for identifying OSPF anomalies, providing a novel approach to enhance network security and fault detection.
Findings
RQA can quickly detect LSA falsifications.
RQA effectively identifies hardware failures.
The method shows promise for real-time anomaly detection.
Abstract
Open Shortest Path First (OSPF) is one of the most widely used routing protocol to manage intra-domain routing. OSPF has been identified with many serious security issues. LSA falsification is one of the most critical vulnerability that can cause route loop and black hole. Network operators need to rapidly identity such anomalies. Network operators need also to identify hardware failure. In this paper, we investigate the capability of Recurrence Quantification Analysis (RQA), an advanced nonlinear statistical analysis technique, to identify OSPF anomalies. We evaluate the capability of RQA to identify OSPF anomalies using a controlled testbed where we introduced different types of LSA falsifications as well as hardware failures. Our evaluation shows that RQA can rapidly detect OSPF anomalies.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsNetwork Security and Intrusion Detection · Network Packet Processing and Optimization · Advanced Malware Detection Techniques