Specification-Based Intrusion Detection System for Carrier Ethernet

Spanning tree protocol (STP) is a link layer protocol used for link management, prevention of loop formation etc. in the network. Although STP is widely used, it is still prone to many kinds of attacks that exploit the lack of security features both in basic working process and STP packet format. By exploiting STP control packet an attacker can pretend to be the new root in STP domain and perform unauthorized activities that lead to root take-over attack, STP control packet flooding, traffic redirection and so on. In this paper, a coverage based distributed intrusion detection system (DIDS) has been introduced, for the detection of attacks on STP. The proposed scheme computes a set of switches in the network that can cover the STP network completely; where every switch belongs to that set is installed with a small module of IDS. This set of IDSs logically divides the STP network into a set of local zones. All the switches in a zone is directly connected to one switch installed with IDS and thus covered by at least one IDS in STP domain. Each IDS can detect and verify any exploit inside its local zone. Additionally IDSs communicate with each other so that any exploit outside the local zone of a particular IDS can also be detected and verified. The results show that the proposed DIDS approach can detect all the STP based attacks.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Specification-Based Intrusion Detection System for Carrier Ethernet

Cited by 2 publications

References 3 publications

Trust-Based Security for the Spanning Tree Protocol

Trust-Based Security for the Spanning Tree Protocol

Exploit detection techniques for STP using distributed IDS

Contact Info

Product

Resources

About