摘要 |
The method, apparatus and system of detecting whether a router is compromised and configured to place malicious packets onto the network are disclosed. In one embodiment, a method for detecting a malicious router includes performing hash on a current ingress packet received via the network packet payload to generate ingress packet hash values. Further, includes performing hash on current egress packet that is associated with the current ingress packet to generate egress packet hash values. The generated ingress packet hash values and the egress packet hash values are then compared. Then the router is checked to determine whether it is potentially compromised and configured to place the malicious packets based on the outcome of the comparison.
|