
Analysis and Evaluation of Router Security Based on a Routing Protocol

Tizpaz Niari, Saeed | 2013

633 Viewed
  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 44977 (19)
  4. University: Sharif University of Technology
  5. Department: Computer Engineering
  6. Advisor(s): Jahangir, Amir Hossein
  7. Abstract:
  8. The importance of routers in information transfer among networks is critical. Thus, vulnerabilities and security deficiencies in routers and the related services like routing protocols can be destructive not only for some hosts, but also for the whole network. Hence, it is necessary that 1) vulnerabilities related to the routers and their services be evaluated and analyzed, and 2) the functional aspects of routers related to the vulnerabilities be formally modeled and analyzed. In this thesis, we present a method for the evaluation and the analysis of OSPF routing protocol from the security point of view. First, reported vulnerabilities on the OSPF are collected and evaluated by a statistical method in order to calculate their respective threat degree and to specify the security challenges of the protocol. Moreover, a procedure to determine the importance of newly discovered vulnerabilities is introduced. Then, the challenging parts of the OSPF are formally modeled by Colored Petri Net (CPN). For the purpose of verification, the specified model of the protocol is exposed to specified attacks which try to exploit the reported vulnerabilities, and simultaneously, a behavioral property of Petri nets is analyzed to check the existence of the vulnerabilities. Also, by the aid of this model, a new potential vulnerability is detected in the OSPF routing protocol. In addition, the designed model of the protocol is extended to validate some other vulnerabilities. Finally, by the application of a router emulator and a modification tool, some attacks are designed to exploit the reported and the newly discovered vulnerabilities, and the existence of the vulnerabilities are validated experimentally
  9. Keywords:
  10. Network Security ; Open Shortest Path First (OSPF)Routing Protocol ; Vulnerability ; PETRI Networks ; Security Evaluation ; Formal Analysis ; Security Protocols

 Digital Object List
