Presentation is loading. Please wait.

Presentation is loading. Please wait.

Detecting Selective Dropping Attacks in BGP Mooi Chuah Kun Huang November 2006.

Published byAdele Brown Modified over 8 years ago

Similar presentations

Presentation on theme: "Detecting Selective Dropping Attacks in BGP Mooi Chuah Kun Huang November 2006."— Presentation transcript:

1 Detecting Selective Dropping Attacks in BGP Mooi Chuah Kun Huang {chuah,kuh205}@cse.lehigh.edu November 2006

2 Outline BGP Security Issues Selective Dropping Attack Detecting Selective Dropping Attack Evaluation of IANP on DETER Conclusion

3 BGP Security Issues BGP4 (RFC1771) Inter-domain routing, Autonomous System Path vector protocol, shortest path Policy based routing [Gao’s] E.g. customer will not export routes learned from one provider to another Messages of interests: (BGP updates) ANNOUNCE: AS_PATH, PREFIX WITHDRAW: PREFIX

4 BGP Security Issues Vulnerabilities No encryption: eavesdropping No timestamp: replaying No signature: masquerading MOAS -- multiple origin AS Selective dropping Proposed Solutions S-BGP, So-BGP, Pretty Good BGP

5 Selective Dropping Attack AS3 use path 3-2-1 for prefix 1 Link 1-2 break AS2 filters WITHDRAW PREFIX1 to AS3 AS3 still use stale path 3-2-1 for prefix 1 AS2 has full control of traffic from AS3 for prefix 1 AS1 Prefix 1 AS2 Prefix 2 AS3 Prefix 3 AS4 Prefix 4 W: 1

6 Detecting Selective Dropping Attack Instability Analysis with Neighbor Probing Identify key events by BGP message volume at particular monitor node Use locating instability alg. [Mao’s] to locate an instability e.g. a link break Check instability against a monitor’s routing table to detect poisoned routes, correct it if found e.g. a route using the broken link Issue warning msg to neighbors when suspecting a selective dropping attack (msg. includes instability info.) Issue probing msg to neighbors when locating alg. fails to find the source of instability (msg. includes burst period)

7 Detecting Selective Dropping Attack Instability Analysis 1-2 link breaks At AS4, we know Routes not changed: to prefix 1 via AS1, 4-1 to prefix 5 via AS1, 4-1-5 … {1-4,1-5, …} candidate stable set Routes changed: to prefix 2 via AS1, 4-1-2  4-1-5-2 {1-2} candidate instable set for prefix 2 So, ∩candidate instable per prefix – U candidate stable per prefix = {1-2} is instable, flood warnings AS1 Prefix 1 AS2 Prefix 2 AS3 Prefix 3 AS4 Prefix 4 W: 1 AS5 Prefix 5

8 Detecting Selective Dropping Attack Compute instable Classify events Compute instable final instable

9 Detecting Selective Dropping Attack Detecting Malicious Routes AS4 finds 1-2 link break, warning msg. reaches AS3, AS3 routing table has 3-2-1 Disable 3-2-1 route Use 3-4-1 route AS1 Prefix 1 AS2 Prefix 2 AS3 Prefix 3 AS4 Prefix 4 W: 1 AS5 Prefix 5

10 Detecting Selective Dropping Attack probing Possible warning

11 Detecting Selective Dropping Attack Warning and probing If can’t locate the source of instability, probe neighbors within Q hops (e.g. Q=1) If suspects an attack, warn neighbors within K hops (e.g. K=2) Router scoring Score BGP router reputation by counting warning messages

12 Evaluation of IANP on DETER Setup 3 30-node topologies generated by BRITE Emulation on DETER using Quagga package 10 experiments per topology In each exp., one link is broken and one node launches a selective dropping attack against a neighbor node Post processing BGP messages and routing table using IANP module Warning neighbors within 2 hops Metric Damage Cost = # of poisoned best routes / # of total best routes # of total best routes= 30*29

13 Evaluation of IANP on DETER Test 1: 14 drops messages to 15

14 Evaluation of IANP on DETER Test 1: W1= unable to locate instability, DC = damage cost

15 Evaluation of IANP on DETER Test 2: 16 drops messages to 23

16 Evaluation of IANP on DETER Test 2: W1= unable to locate instability, DC = damage cost

17 Evaluation of IANP on DETER Test 3: 15 drops messages to 23

18 Evaluation of IANP on DETER Test 3: W1= unable to locate instability, DC = damage cost

19 Evaluation of IANP on DETER Overall performance Without IANP 0-30% ASes can’t find broken link Damage is range from 0-22.7% With IANP no warning Failure of finding broken link decrease by 0-23% Damage cost is very low, max=4.8%, mostly < 2.0% With IANP and warning Everyone can find the broken link Damage cost decreases to 0

20 Conclusion Encryption and authentication do not mitigate selective dropping attack Instability analysis is useful information in selective dropping attack IANP standalone version reduces damage cost IANP warning version reduces damage cost to 0 IANP is promising, and worth further research Impact of warning scope damage cost message overhead Deployment of IANP based on internet topology hierarchy Large scale simulation on internet scale

Download ppt "Detecting Selective Dropping Attacks in BGP Mooi Chuah Kun Huang November 2006."

Similar presentations

How Secure are Secure Interdomain Routing Protocols? B96209044 大氣四 鍾岳霖 B97703099 財金三 婁瀚升 1.

How Secure are Secure Interdomain Routing Protocols? B 大氣四 鍾岳霖 B 財金三 婁瀚升 1.
Sign What You Really Care About - $ecure BGP AS Paths Efficiently Yang Xiang Zhiliang Wang Jianping Wu Xingang Shi Xia Yin Tsinghua University, Beijing.

Sign What You Really Care About - $ecure BGP AS Paths Efficiently Yang Xiang Zhiliang Wang Jianping Wu Xingang Shi Xia Yin Tsinghua University, Beijing.
Martin Suchara in collaboration with I. Avramopoulos and J. Rexford How Small Groups Can Secure Interdomain Routing.

Martin Suchara in collaboration with I. Avramopoulos and J. Rexford How Small Groups Can Secure Interdomain Routing.
CS540/TE630 Computer Network Architecture Spring 2009 Tu/Th 10:30am-Noon Sue Moon.

CS540/TE630 Computer Network Architecture Spring 2009 Tu/Th 10:30am-Noon Sue Moon.
Network Layer4-1 Hierarchical Routing scale: with 200 million destinations: r can’t store all dest’s in routing tables! r routing table exchange would.

Network Layer4-1 Hierarchical Routing scale: with 200 million destinations: r can’t store all dest’s in routing tables! r routing table exchange would.
Lecture 9 Overview. Hierarchical Routing scale – with 200 million destinations – can’t store all dests in routing tables! – routing table exchange would.

Lecture 9 Overview. Hierarchical Routing scale – with 200 million destinations – can’t store all dests in routing tables! – routing table exchange would.
Fundamentals of Computer Networks ECE 478/578 Lecture #18: Policy-Based Routing Instructor: Loukas Lazos Dept of Electrical and Computer Engineering University.

Fundamentals of Computer Networks ECE 478/578 Lecture #18: Policy-Based Routing Instructor: Loukas Lazos Dept of Electrical and Computer Engineering University.
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
SPV: Secure Path Vector Routing for Securing BGP Leonel Ocsa Sáchez School of Computer Science.

SPV: Secure Path Vector Routing for Securing BGP Leonel Ocsa Sáchez School of Computer Science.
Chapter 4: Network Layer 4. 1 Introduction 4.2 Virtual circuit and datagram networks 4.3 What’s inside a router 4.4 IP: Internet Protocol –Datagram format.

Chapter 4: Network Layer 4. 1 Introduction 4.2 Virtual circuit and datagram networks 4.3 What’s inside a router 4.4 IP: Internet Protocol –Datagram format.
4a-1 CSE401: Computer Networks Hierarchical Routing & Routing in Internet S. M. Hasibul Haque Lecturer Dept. of CSE, BUET.

4a-1 CSE401: Computer Networks Hierarchical Routing & Routing in Internet S. M. Hasibul Haque Lecturer Dept. of CSE, BUET.
1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background – Detection of Invalid Routing Announcement in the Internet –Open Discussions Thursday.

1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background –" Detection of Invalid Routing Announcement in the Internet" –Open Discussions Thursday.
Routing Security in Ad Hoc Networks

Routing Security in Ad Hoc Networks
Inter-domain Routing security Problems Solutions.

Inter-domain Routing security Problems Solutions.
14 – Inter/Intra-AS Routing

14 – Inter/Intra-AS Routing
Routing in Wired Nets CS 215 W 01 - Mario Gerla. Routing Principles Routing: delivering a packet to its destination on the best possible path Routing.

Routing in Wired Nets CS 215 W 01 - Mario Gerla. Routing Principles Routing: delivering a packet to its destination on the best possible path Routing.
Interdomain Routing and the Border Gateway Protocol (BGP) Reading: Section 4.3.3 COS 461: Computer Networks Spring 2011 Mike Freedman

Interdomain Routing and the Border Gateway Protocol (BGP) Reading: Section COS 461: Computer Networks Spring 2011 Mike Freedman
Computer Networks Layering and Routing Dina Katabi

Computer Networks Layering and Routing Dina Katabi
14 – Inter/Intra-AS Routing Network Layer4-1. 4-2 Hierarchical Routing scale: with > 200 million destinations: can’t store all dest’s in routing tables!

14 – Inter/Intra-AS Routing Network Layer Hierarchical Routing scale: with > 200 million destinations: can’t store all dest’s in routing tables!
EQ-BGP: an efficient inter- domain QoS routing protocol Andrzej Bęben Institute of Telecommunications Warsaw University of Technology,

EQ-BGP: an efficient inter- domain QoS routing protocol Andrzej Bęben Institute of Telecommunications Warsaw University of Technology,

Similar presentations

Ads by Google