nordstrom - Beware of BGP Attacks Ola Nordström and...


Beware of BGP Attacks

Ola Nordström and Constantinos Dovrolis
College of Computing
Georgia Institute of Technology
{ nalo,dovrolis }

ABSTRACT

This note attempts to raise awareness within the network research community about the security of the interdomain routing infrastructure. We identify several attack objectives and mechanisms, assuming that one or more BGP routers have been compromised. Then, we review the existing and proposed countermeasures, showing that they are either generally ineffective (route filtering), or probably too heavyweight to deploy (S-BGP). We also review several recent proposals, and conclude by arguing that a significant research effort is urgently needed in the area of routing security.

1. INTRODUCTION

As more and more businesses and organizations become dependent on the Internet, the risks posed by malicious attacks on the Internet infrastructure become more significant. The Internet has experienced several successful large-scale attacks that caused major losses to their victims. The attacks typically target major Web servers, content providers, the DNS system, or just end-hosts [1].

The Internet routing infrastructure is also vulnerable to attacks. Because of the very nature of this infrastructure, routing attacks can affect a large number of hosts, entire networks, or even the global Internet [2]. The objectives of routing attacks can include blackholing and loss of connectivity, traffic redirection to networks controlled by adversaries, traffic subversion and data interception, or persistent routing instability [3].

An intradomain routing system operates within an Autonomous System (AS). The threat of an attack on intradomain routing is thus typically contained within a single network. The interdomain routing infrastructure, on the other hand, is based on the BGP protocol and it provides connectivity between ASs [4, 5]. In this note, we focus on the vulnerability of interdomain routing and BGP, because such attacks have the potential to affect a much larger number of users and potentially compromise routing across the global Internet. We assume that the reader has some basic familiarity with the BGP protocol and with how it is deployed in the Internet to provide policy-based routing.

So far, there have been no major BGP routing attacks (or at least, they have not been publicly documented as malicious attacks). As a result, relatively little attention from the network research community has been placed on studying the routing infrastructure’s overall susceptibility to malicious users. On the other hand, it has been shown that routing misconfigurations are quite common in practice, and they can cause the same reachability and BGP convergence problems that an attack could cause [6]. The notorious AS7007 incident on April 25 1997 was caused by a misconfigured router that flooded the Internet with incorrect advertisements, announcing AS7007 as the origin of the best path to...

This note was uploaded on 04/03/2009 for the course ECE 18731 taught by Professor Perrig during the Spring '08 term at Carnegie Mellon.
