Research On OSPF Protocol Vulnerability Analysis And Detection Technology

The routing protocol is used to distribute network reachability information between routers.The router is responsible for finding the best route and forwarding the network data.Since the implementation of the routing protocol function is based on packet interaction with other routers,there are challenges that routing information would be tampered with,the invalid routing information would be replayed,the incorrect routing information would be generated and inserted into the network.When the vulnerability of the routing protocol is maliciously exploited,it may cause serious consequences such as network congestion,information hijacking,and network threats.OSPF(Open Shortest Path First)is a link state protocol that uses the Dijkstra algorithm to calculate the shortest path tree.Although the OSPF protocol itself has certain security mechanisms,such as authentication,flooding,fightback,and bidirectional,the use of OSPF protocol vulnerability is endless.Which of these methods exploits the vulnerability of the agreement? What impact will it have on the network?How to accurately detect and improve the security defense level of the network? These issues are the hotspots of academic circles and the key issues addressed in this paper.In this paper,we focuses on the most widely used intra-domain routing protocol,OSPF,focusing on the latest vulnerability utilization methods proposed in recent years for the routing protocol.We researched the Seq++ attack,the Max Age attack,the MaxSeq attack,the Phantom Router Remote False Adjacency Attack,Faked LSA attack,analysed the premise of those methods,the methods and effects of them,and the differences of them.We reproduced these vulnerabilities by constructing a simulated experimental environment,so as to target the vulnerability of the currently widely used OSPF protocol when it is used in a specific network,and to predict what kind of consequences may be made.Secondly,based on the previous research,combined with the idea of Finite State Machine,we established Finite State Machines for the latest vulnerability utilization of OSPF,and uses packet content detection to detect different types of vulnerability utilization behavior.Finally,in order to obtain the expansion requirements of OSPF network scale,the comprehensive analysis platform was built by means of 'GNS3' + 'CORE',and the vulnerability utilization experiment of Phantom Router Remote False Adjacency Attack was carried out on the analysis platform,and the expected effect was obtained.It provides an experimental basis for subsequent larger studies.