| | | | |
|

PGRIP: PNNI Global Routing Infrastructure Protection
by Dr. Patrick Lincoln, Sabrina De Capitani di Vimercati, Livio Ricciulli & Pierangela Samarati.
Abstract
We describe a system for achieving PNNI (Private Network-Network Interface) Global Routing Infrastructure Protection (PGRIP). We give details of PGRIP's system-level design and identify some conditions to rigorously guarantee the distributed fault tolerant detection of anomalies. PGRIP detects integrity compromises of PNNI routing by enforcing rules that characterize topology information updates that are anomalous (or uncommon) with respect to the network status, past events occurred, or statistical measures. Rules are expressed in a flexible and expressive, yet simple, language using a tree structure to organize and reference topology information maintained at each node. We introduce a powerful notation to identify data objects contained in the PNNI topology database and statistical operators to ex amine the history of topology database updates accumulated during PNNI operation. Using the given notation, we give heuristical rules to illustrate how some anoma lous database operations can be detected.
Files
|
|
|