A property oriented fault detection approach for link state routing protocol

This paper proposes a new approach to fault detection for a link state routing system-property oriented analysis and detection (POD). A routing system is modeled as a set of distributed processes. A property is defined as state predicate(s) over system variables. For the link state routing protocol, the high-level overall converging property P is defined as the "synchronization" among routing information bases maintained by all processes. We decompose the routing protocol into different computation phases. For each phase, we use invariant state predicates (safety property) and the liveness property as our guide for observation and analysis. The goal of the detection algorithm is to construct a validation path based on the history to determine if the fault is natural or malicious once the stable property P is rendered invalid by faults. The contribution of this paper is twofold: first, a new detection approach is proposed that differs from traditional signature-based or profile-based intrusion detection paradigms in the sense that it utilizes the stable property as a starting point, and correlates the history and future to validate changes in the system; second, by exploring the primary concerned system properties, we show that detection effort can be conducted in a more focused and systematic fashion.