Result Details

Reachability Analysis in Dynamically Routed Networks

ŠVÉDA, M.; RYŠAVÝ, O.; DE SILVA, G.; MATOUŠEK, P.; RÁB, J. Reachability Analysis in Dynamically Routed Networks. Proceedings of the IEEE ECBS 2011. Piscataway, NJ: IEEE Computer Society, 2011. p. 197-205. ISBN: 978-0-7695-4379-6.

Type

conference paper

Language

English

Authors

Švéda Miroslav, prof. Ing., CSc., DIFS (FIT), UTKO (FEEC)
Ryšavý Ondřej, doc. Ing., Ph.D., DIFS (FIT)
de Silva Hidda Marakkala Gayan Ruchika, MSc
Matoušek Petr, doc. Ing., Ph.D., M.A., DIFS (FIT)
Ráb Jaroslav, Ing., DIFS (FIT)

Abstract

In this paper, we introduce a novel approach to reachability analysis of dynamically routed networks. The goal is to determine the network-wide reachability using static analysis of configuration files gathered from forwarding devices. We describe a method that can compute the reachability in networks with a mix of static routing configurations, distance vector routing protocols, filtering routing updates and redistributions. The method computes a network-wide approximation of distributed routing information using the standard graph algorithms. Thus, for any network state, we can determine a set of active paths used for packet delivery. The outcomes of the method can be, for instance, used during the conformance checking of distributed access control lists against network security policies.

Keywords

IP-networks; network configuration; network design; network reachability; routing protocols

Published

2011

Pages

197–205

Proceedings

Proceedings of the IEEE ECBS 2011

Conference

18th IEEE International Conference and Workshops on Engineering of Computer-Based Systems

ISBN

978-0-7695-4379-6

Publisher

IEEE Computer Society

Place

Piscataway, NJ

BibTeX

@inproceedings{BUT76340,
  author="Miroslav {Švéda} and Ondřej {Ryšavý} and Hidda Marakkala Gayan Ruchika {de Silva} and Petr {Matoušek} and Jaroslav {Ráb}",
  title="Reachability Analysis in Dynamically Routed Networks",
  booktitle="Proceedings of the IEEE ECBS 2011",
  year="2011",
  pages="197--205",
  publisher="IEEE Computer Society",
  address="Piscataway, NJ",
  isbn="978-0-7695-4379-6",
  url="https://www.fit.vut.cz/research/publication/9606/"
}

Files

pdf 4379a197.pdf 651 kB

Projects

Advanced secured, reliable and adaptive IT, BUT, Vnitřní projekty VUT, FIT-S-11-1, start: 2011-01-01, end: 2013-12-31, completed
Automated attack processing, MPO, TIP, FR-TI1/037, start: 2009-10-01, end: 2013-09-30, completed
Centrum excelence IT4Innovations, MŠMT, Operační program Výzkum a vývoj pro inovace, ED1.1.00/02.0070, start: 2011-01-01, end: 2015-12-31, completed
SCADA system for control and monitoring RT processes, TAČR, Program aplikovaného výzkumu a experimentálního vývoje ALFA, TA01010632, start: 2011-01-01, end: 2013-12-31, completed
Security-Oriented Research in Information Technology, MŠMT, Institucionální prostředky SR ČR (např. VZ, VC), MSM0021630528, start: 2007-01-01, end: 2013-12-31, running

Research groups

NES@FIT - Networks and distributed systems research group (RG NES@FIT)

Departments

Department of Information Systems (DIFS)