OSPF vulnerability to persistent poisoning attacks: A systematic analysis

Gabi Nakibly, Adi Sosnovich, Eitan Menahem, Ariel Waizel, Yuval Elovici

Research output: Contribution to conferencePaperpeer-review

11 Scopus citations


Open Shortest Path First (OSPF) is one of the most widely deployed interior gateway routing protocols on the Internet. The most common attack vector against OSPF is spoofing of routing advertisements on behalf of a remote router. OSPF employs a self-defense "fight-back" mechanism that quickly reverts the effects of such attacks. Nonetheless, some attacks that evade the fight-back mechanism have been discovered, making it possible to persistently falsify routing advertisements. This type of attacks are the most serious threat to a routing protocol since they allow an attacker to gain persistent control over how traffic is routed throughout the network. This shows that despite its maturity, the OSPF specification is not without security flaws and may have stillunknown vulnerabilities. In this work we systematically analyze manually and by formal verification the OSPF specification for additional vulnerabilities in the fight-back mechanism. Our analysis uncovered a fundamental security flaw in OSPF that allows a simple means for an attacker to evade the fight-back mechanism. Most major router vendors acknowledged the existence of this vulnerability in their products. Fortunately, our analysis strongly indicates that no other vulnerabilities in the fight-back mechanism are likely to exist.

Original languageEnglish
Number of pages10
StatePublished - 8 Dec 2014
Event30th Annual Computer Security Applications Conference, ACSAC 2014 - New Orleans, United States
Duration: 8 Dec 201412 Dec 2014


Conference30th Annual Computer Security Applications Conference, ACSAC 2014
Country/TerritoryUnited States
CityNew Orleans

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications


Dive into the research topics of 'OSPF vulnerability to persistent poisoning attacks: A systematic analysis'. Together they form a unique fingerprint.

Cite this