Identifying OSPF Anomalies Using Recurrence Quantification Analysis
Open Shortest Path First (OSPF) is one of the most widely used routing protocol to manage intra-domain routing. OSPF has been identified with many serious security issues. LSA falsification is one of the most critical vulnerability that can cause route loop and black hole. Network operators need to rapidly identity such anomalies. Network operators need also to identify hardware failure. In this paper, we investigate the capability of Recurrence Quantification Analysis (RQA), an advanced nonlinear statistical analysis technique, to identify OSPF anomalies. We evaluate the capability of RQA to identify OSPF anomalies using a controlled testbed where we introduced different types of LSA falsifications as well as hardware failures. Our evaluation shows that RQA can rapidly detect OSPF anomalies.
READ FULL TEXT