A Firewall for Routers: Protecting Against Routing Misbehavior. Jia Wang. June 26, 2007.


Slide 1: A Firewall for Routers: Protecting Against Routing Misbehavior
Jia Wang, AT&T Labs-Research
Joint work with Ying Zhang and Z. Morley Mao, University of Michigan
June 26, 2007

Slide 2: Interdomain routing: Border Gateway Protocol (BGP)
 Disseminating routing information between ISPs
   Incremental: an update indicates a routing change
   Path vector based: list of ASes in the path
   Policy based: route selection based on each ISP’s policy
 Controlling packet forwarding in the data plane
[Figure: ASes A, B, C and D connected across the Internet (each with a customer router C and border router BR). AS A announces “I can reach /24”; AS B announces “I can reach /24 via AS A”; AS C announces “I can reach /24 via AS B A”.]

Slide 3: Example: IP prefix hijacking
[Figure: AS A originates a BGP announcement for prefix p. The announcement propagates from source to destination with path [A] at AS A, [B A] at AS B and [C B A] at AS C. AS F also announces prefix p, so two routes for p are seen: p: [C B A] and p: [C F].]

Slide 4: Internet routing security problems
 Routers assume updates from neighbors are correct
 Routing correctness is vulnerable to misconfigurations, attacks, and protocol ambiguities
 There is no security guarantee in BGP
   A secure protocol, e.g. S-BGP, is slowly adopted and cannot eliminate misconfigurations

Slide 5: Our approach
Q: can a network locally protect against routing misbehavior from external networks?
A: a proactive scheme to correct routing updates locally
 Route Normalizer
   Sits between the local router and the remote router
   Detects and corrects problems by taking advantage of local information

Slide 6: Outline
 Design of Route Normalizer
 Functionality of Route Normalizer
 Prototype implementation and evaluation
 Empirical results
 Discussion

Slide 7: Route Normalizer architecture
[Figure: the Route Normalizer contains a Policy Engine. Inputs: BGP traffic, policy configuration, optional config input (e.g. local router configuration), optional data input (e.g. external BGP data). Outputs: individual alarms and aggregated alarm reports.]

Slide 8: Design principles
 Perform basic checking to ensure protocol semantic correctness
 Make use of local network information
 Take advantage of external information to assist route anomaly detection
 Assume dominant history behavior is mostly correct
 Use anomaly detection to influence route selection to avoid anomalous routes

Slide 9: Deployment scenario I
[Figure: remote router, Route Normalizer, local router (C / BR). Both data traffic and BGP traffic from the remote router pass through the Route Normalizer; normalized BGP traffic, alarm reports and policy improvements go to the local router. The BGP session spans the Route Normalizer.]
 Route Normalizer observes data plane traffic
 No configuration changes on the remote router
   Case I: transparent TCP proxy setup
   Case II: two BGP sessions

Slide 10: Deployment scenario II
[Figure: the Route Normalizer has a BGP session with the remote router and another with the local router; BGP traffic comes in from the remote router and normalized BGP traffic, alarm reports and policy improvements go to the local router. Data traffic flows directly between the two routers.]
 No data traffic traverses the Route Normalizer
 Route Normalizer peers with both routers
 Configuration changes on the local router

Slide 11: Outline
 Design of Route Normalizer
 Functionality of Route Normalizer
 Prototype implementation and evaluation
 Empirical evaluation using BGP data
 Discussion

Slide 12: Functionality of Route Normalizer
 Fix violation of BGP semantics
 Fix violation of routing policy
 Detect routing anomalies
 Manage load and instability

Slide 13: Fix violation of BGP semantics
 Mal-formed BGP updates
   Incorrect attribute values, e.g. AS-level loops
   Attributes with private information
   Missing mandatory attribute values
 Route Normalizer action
   Modify or drop the updates
     Avoid router crashes
     Avoid ambiguity if an alternate route exists
   Generate alarms
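The three semantic checks on this slide, written out as an added example (this is illustrative code, not the Route Normalizer prototype's source). It takes an already-decoded UPDATE as a dictionary, drops updates with missing mandatory attributes or AS-level loops, strips private AS numbers from the path, and returns the alarm text a normalizer would raise. The sample updates use documentation ASNs and addresses and are constructed for the example.

```python
# Added example, not code from the Route Normalizer prototype: the three
# BGP-semantics checks from the slide (AS-level loops, private ASes, missing
# mandatory attributes) applied to a decoded UPDATE before it reaches the router.

# Well-known mandatory path attributes for an UPDATE that carries NLRI (RFC 4271).
MANDATORY_ATTRS = ("ORIGIN", "AS_PATH", "NEXT_HOP")

# Private AS number ranges (RFC 6996): 16-bit and 32-bit.
PRIVATE_AS_RANGES = ((64512, 65534), (4200000000, 4294967294))


def is_private_as(asn):
    return any(lo <= asn <= hi for lo, hi in PRIVATE_AS_RANGES)


def has_as_loop(as_path):
    """True if an AS reappears after a different AS. Contiguous repeats are
    AS-path prepending and are legitimate."""
    seen = []
    for asn in as_path:
        if seen and seen[-1] == asn:
            continue
        if asn in seen:
            return True
        seen.append(asn)
    return False


def normalize_update(update):
    """Return (action, alarms, normalized_update); action is 'pass', 'modify' or 'drop'."""
    alarms = []
    attrs = update["attrs"]

    missing = [a for a in MANDATORY_ATTRS if a not in attrs]
    if missing:
        alarms.append("missing mandatory attribute(s): " + ", ".join(missing))
        return "drop", alarms, None  # router behaviour on such updates is undefined

    path = list(attrs["AS_PATH"])
    if has_as_loop(path):
        alarms.append("AS-level loop in AS_PATH %s" % path)
        return "drop", alarms, None

    private = [a for a in path if is_private_as(a)]
    if private:
        alarms.append("private AS(es) %s in AS_PATH" % private)
        # Strip the private ASNs, as a router's remove-private-AS would, and forward.
        new_attrs = dict(attrs, AS_PATH=[a for a in path if not is_private_as(a)])
        return "modify", alarms, dict(update, attrs=new_attrs)

    return "pass", alarms, update


# Constructed sample updates (documentation ASNs and addresses, not real routes).
SAMPLE_UPDATES = {
    "clean":   {"prefix": "203.0.113.0/24", "attrs": {"ORIGIN": "IGP", "AS_PATH": [64496, 64496, 64497], "NEXT_HOP": "192.0.2.1"}},
    "loop":    {"prefix": "203.0.113.0/24", "attrs": {"ORIGIN": "IGP", "AS_PATH": [64496, 64497, 64496], "NEXT_HOP": "192.0.2.1"}},
    "private": {"prefix": "203.0.113.0/24", "attrs": {"ORIGIN": "IGP", "AS_PATH": [64496, 65001, 64497], "NEXT_HOP": "192.0.2.1"}},
    "missing": {"prefix": "203.0.113.0/24", "attrs": {"ORIGIN": "IGP", "AS_PATH": [64496]}},
}


def run_samples():
    """Map each sample name to the action the normalizer takes on it."""
    return {name: normalize_update(u)[0] for name, u in SAMPLE_UPDATES.items()}


if __name__ == "__main__":
    for name, update in SAMPLE_UPDATES.items():
        action, alarms, _ = normalize_update(update)
        print(name, action, alarms)
```

The loop test deliberately tolerates prepending (`64496, 64496`), since that is a common traffic-engineering practice, while a non-contiguous repeat is dropped outright; the private-AS case is modified rather than dropped because the slide's goal is to keep a usable route when one exists.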

Slide 14: Fix violations of routing policies
 Specifying policies with best common practice
   Export policy should follow AS relationship constraints
   Next-hop AS and IP should match the BGP neighbor’s AS and IP
 Route Normalizer action
   Modify or drop the updates if an alternate route exists
   Generate alarms

Slide 15: Detect routing anomalies
 Anomalous routing behavior
   Address hijacking
   Routing inconsistency
 Route Normalizer action
   Drop the updates if an alternate route exists
   Generate alarms
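An added example (not the prototype's code) of the address-hijacking detection on this slide combined with the "dominant history is mostly correct" design principle from slide 8: each prefix's origin AS is counted over past announcements, and an announcement whose origin disagrees with the dominant historical origin (a MOAS conflict) is dropped only if some other peer still offers a route with the expected origin, otherwise it is accepted with an alarm. The history thresholds, peer names and the announcement stream are assumptions constructed for the example.

```python
# Added example, not the Route Normalizer's code: origin-AS (MOAS) anomaly
# detection with the "drop only if an alternate route exists" rule.
from collections import Counter, defaultdict


class OriginAnomalyDetector:
    def __init__(self, min_history=10, dominance=0.9):
        self.min_history = min_history    # announcements needed before history is trusted
        self.dominance = dominance        # share of history the dominant origin must hold
        self.origin_history = defaultdict(Counter)  # prefix -> Counter(origin AS)
        self.rib_in = defaultdict(dict)             # prefix -> {peer: AS path}

    def dominant_origin(self, prefix):
        hist = self.origin_history[prefix]
        total = sum(hist.values())
        if total < self.min_history:
            return None
        origin, count = hist.most_common(1)[0]
        return origin if count / total >= self.dominance else None

    def withdraw(self, peer, prefix):
        self.rib_in[prefix].pop(peer, None)

    def process(self, peer, prefix, as_path):
        """Return (action, alarms) for one announcement; action is 'pass' or 'drop'."""
        origin = as_path[-1]
        expected = self.dominant_origin(prefix)
        alarms = []
        if expected is not None and origin != expected:
            alarms.append("MOAS: %s announced by AS%d, history says AS%d" % (prefix, origin, expected))
            # Drop only if another peer still offers a route with the historical origin.
            alternate = any(p != peer and path[-1] == expected
                            for p, path in self.rib_in[prefix].items())
            if alternate:
                return "drop", alarms
            self.rib_in[prefix][peer] = as_path   # nothing better: accept, but do not learn it
            return "pass", alarms
        self.rib_in[prefix][peer] = as_path
        self.origin_history[prefix][origin] += 1
        return "pass", alarms


def run_samples():
    """Constructed stream: 12 consistent announcements from two peers, a conflicting
    origin from a third peer, a prefix with no history, then the same conflict once
    the consistent routes have been withdrawn."""
    det = OriginAnomalyDetector()
    actions = []
    for i in range(12):
        peer = "peerA" if i % 2 else "peerB"
        actions.append(det.process(peer, "203.0.113.0/24", [64500, 64496])[0])
    actions.append(det.process("peerC", "203.0.113.0/24", [64501, 64497])[0])   # alternates exist -> drop
    actions.append(det.process("peerC", "198.51.100.0/24", [64501, 64497])[0])  # no history -> pass
    det.withdraw("peerA", "203.0.113.0/24")
    det.withdraw("peerB", "203.0.113.0/24")
    actions.append(det.process("peerC", "203.0.113.0/24", [64501, 64497])[0])   # no alternate -> pass with alarm
    return actions


if __name__ == "__main__":
    print(run_samples())
```

The conflicting announcement is never added to the origin history, so a sustained hijack cannot gradually become "dominant" through the detector's own bookkeeping; an operator clearing the alarm would have to adjust the history explicitly.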

Slide 16: Load management and instability mitigation
 Manage router workload
   Mitigate load due to identical routing updates
   Mitigate against router DoS attacks
   Mitigate instability of flapping prefixes
   Mitigate instability of session resets
 Route Normalizer action (one per item above)
   Drop duplicate updates
   Filter BGP attack traffic, delay updates
   Emulate route flap damping, delay updates
   Emulate graceful restart, delay updates
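Two of the actions on this slide, dropping duplicate updates and emulating route flap damping, as an added example (not the prototype's code). The damping follows the RFC 2439 model: every withdrawal adds a penalty that decays exponentially with a half-life, the route is held back once the penalty exceeds a suppress limit and released when it falls below a reuse limit. The timer values and the event stream are assumptions constructed for the example; the per-step outcomes were worked through by hand with those values.

```python
# Added example, not the Route Normalizer's code: duplicate-update suppression
# plus an RFC 2439-style flap damping emulation in front of the router.
import hashlib
import json


class LoadManager:
    def __init__(self, half_life=900.0, suppress_limit=2000.0, reuse_limit=750.0, flap_penalty=1000.0):
        self.half_life = half_life            # seconds for the penalty to halve
        self.suppress_limit = suppress_limit  # penalty above which the route is held back
        self.reuse_limit = reuse_limit        # penalty below which a held route is released
        self.flap_penalty = flap_penalty      # added on every withdrawal
        self.last_digest = {}                 # (peer, prefix) -> digest of the last update seen
        self.penalty = {}                     # (peer, prefix) -> (penalty, time it was computed)
        self.suppressed = set()

    def _decayed_penalty(self, key, now):
        penalty, stamp = self.penalty.get(key, (0.0, now))
        return penalty * 0.5 ** ((now - stamp) / self.half_life)

    def handle(self, peer, prefix, attrs, now):
        """attrs is the attribute dict of an announcement, or None for a withdrawal.
        Returns 'forward', 'drop-duplicate' or 'delay' (held until the penalty decays)."""
        key = (peer, prefix)
        digest = "WITHDRAW" if attrs is None else hashlib.sha256(
            json.dumps(attrs, sort_keys=True).encode()).hexdigest()

        # 1. An update identical to the last one for this key carries no new state.
        if self.last_digest.get(key) == digest:
            return "drop-duplicate"
        self.last_digest[key] = digest

        # 2. Flap damping: a withdrawal counts as a flap and raises the penalty.
        penalty = self._decayed_penalty(key, now)
        if attrs is None:
            penalty += self.flap_penalty
        self.penalty[key] = (penalty, now)

        if key in self.suppressed:
            if penalty < self.reuse_limit:
                self.suppressed.discard(key)   # calmed down: release the route
                return "forward"
            return "delay"
        if penalty > self.suppress_limit:
            self.suppressed.add(key)
            return "delay"
        return "forward"


# Constructed event stream for one prefix from one peer (time in seconds):
# three quick flaps, an exact duplicate, then long quiet periods.
ATTRS = {"AS_PATH": [64496, 64497], "NEXT_HOP": "192.0.2.1"}
EVENTS = [(0, ATTRS), (10, None), (20, ATTRS), (30, None), (40, ATTRS), (50, None),
          (60, ATTRS), (61, ATTRS), (2000, None), (4000, ATTRS)]


def simulate(events=EVENTS):
    """Return the action taken for each event in order."""
    lm = LoadManager()
    return [lm.handle("peerA", "203.0.113.0/24", attrs, t) for t, attrs in events]


if __name__ == "__main__":
    for (t, attrs), action in zip(EVENTS, simulate()):
        print(t, "withdraw" if attrs is None else "announce", action)
```

With a 900 s half-life and a 1000 penalty per withdrawal, the third withdrawal at t=50 pushes the penalty to about 2954 and the prefix is held; at t=2000 the penalty has only decayed to roughly 658 before the next withdrawal adds 1000 again, so it stays held, and by t=4000 it is near 355, below the reuse limit, so the announcement is forwarded.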

Slide 17: Outline
 Design of Route Normalizer
 Functionality of Route Normalizer
 Prototype implementation and evaluation
 Empirical evaluation using BGP data
 Discussion

Slide 18: Prototype
 1. Initialization
 2. Checking path attributes
 3. Anomaly detection

Slide 19: Prototype evaluation
 Platform
   3 GHz Pentium IV CPU, 1.5 GB memory, 100 Mbps
 System throughput
   77.9 Mbps or 64,916 packets/sec
   Slight degradation in throughput with more peers
 Memory consumption
   20 MB of memory for 16 days of data
   Slight increase in memory consumption with more peers

Slide 20: Outline
 Design of Route Normalizer
 Functionality of Route Normalizer
 Prototype implementation and evaluation
 Empirical evaluation using BGP data
 Discussion

Slide 21: Normalization statistics (RouteViews, Oct 2006, based on three months of history data)

Category                     # updates (% of total alarms)   # ASes involved / # prefixes involved
AS path loops                1,047 (3.5%)                    232,483 (two counts run together in the transcript)
Private ASes in AS paths     930 (3.1%)                      31953 (two counts run together in the transcript)
Unusually long AS paths      172 (0.57%)                     not given
AS relationship violations   20,174 (67%)                    43894 (two counts run together in the transcript)
MOAS violations              5,976 (19.9%)                   not given
Unstable prefixes            1,785 (5.9%)                    not given

Slide 22: Known routing problems from NANOG: prefix leaking
 Date: July 11, 2003
 Observations: traffic from Sprint (AS 1239) traverses ALGX (AS 2828)’s customer.
 Reported by Route Normalizer
   AS path violates AS relationship
 Broadwing Communications (AS 6359) did not filter the announcement from its customer (AS 14751), which that customer learned from another provider, AS 2828.
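An added example (not the prototype's code) of the routing-policy checks from slide 14, run over a constructed reproduction of the leak described on this slide: the AS path is checked against customer/provider/peer relationships using Gao's valley-free rule (a path may go up to providers, cross at most one peering link, then only go down to customers), and the first AS and NEXT_HOP of the update are compared with the neighbor's AS and IP. The relationships in the table are assumed from the slide's description (Sprint peering with Broadwing, AS 14751 a customer of both Broadwing and ALGX) and are not a measured dataset; the next-hop addresses are documentation addresses.

```python
# Added example, not the Route Normalizer's code: valley-free (AS relationship)
# export-policy check plus neighbor AS / NEXT_HOP consistency check.

# Assumed relationships: (a, b) -> "p2c" means a is b's provider; "p2p" means peers.
RELATIONSHIPS = {
    (6359, 14751): "p2c",   # Broadwing is a provider of AS 14751
    (2828, 14751): "p2c",   # ALGX is another provider of AS 14751
    (1239, 6359): "p2p",    # Sprint peers with Broadwing (assumption)
}


def edge_type(a, b):
    """Classify the hop a -> b as 'up' (to a provider), 'down' (to a customer),
    'peer', or None when the relationship is unknown."""
    rel = RELATIONSHIPS.get((a, b))
    if rel == "p2c":
        return "down"
    if rel == "p2p":
        return "peer"
    rel = RELATIONSHIPS.get((b, a))
    if rel == "p2c":
        return "up"
    if rel == "p2p":
        return "peer"
    return None


def is_valley_free(as_path, local_as):
    """as_path is as received (neighbor first, origin last). Walking from the origin
    to the local AS, a valid path is up* peer? down*: once a peer or downhill hop is
    taken, only downhill hops may follow. Returns None if a relationship is unknown."""
    hops = list(reversed(as_path)) + [local_as]
    downhill = False
    for a, b in zip(hops, hops[1:]):
        if a == b:                 # prepending
            continue
        kind = edge_type(a, b)
        if kind is None:
            return None
        if downhill and kind != "down":
            return False           # a valley: going up or sideways after going down
        if kind in ("peer", "down"):
            downhill = True
    return True


def check_policy(update, local_as, peer_as, peer_ip):
    """Return the list of policy alarms for one eBGP update from a directly connected peer."""
    alarms = []
    path = update["AS_PATH"]
    if path[0] != peer_as:
        alarms.append("first AS %d does not match neighbor AS %d" % (path[0], peer_as))
    if update["NEXT_HOP"] != peer_ip:
        alarms.append("NEXT_HOP %s does not match neighbor IP %s" % (update["NEXT_HOP"], peer_ip))
    valley_free = is_valley_free(path, local_as)
    if valley_free is False:
        alarms.append("AS path %s violates AS relationship constraints" % path)
    elif valley_free is None:
        alarms.append("AS path %s contains an unknown AS relationship" % path)
    return alarms


# Constructed updates as Sprint (AS 1239) would receive them from Broadwing (AS 6359).
LEAKED = {"AS_PATH": [6359, 14751, 2828], "NEXT_HOP": "192.0.2.1"}   # customer re-exported its other provider's route
LEGIT = {"AS_PATH": [6359, 14751], "NEXT_HOP": "192.0.2.1"}          # Broadwing's own customer route
WRONG_HOP = {"AS_PATH": [6359, 14751], "NEXT_HOP": "192.0.2.99"}     # next hop is not the session peer


def run_samples():
    return {name: check_policy(u, local_as=1239, peer_as=6359, peer_ip="192.0.2.1")
            for name, u in (("leaked", LEAKED), ("legit", LEGIT), ("wrong_hop", WRONG_HOP))}


if __name__ == "__main__":
    for name, alarms in run_samples().items():
        print(name, alarms or "ok")
```

In the leaked case the walk from the origin reads 2828 -> 14751 (down, provider to customer) followed by 14751 -> 6359 (up again), which is exactly the valley the slide describes; the check returns None rather than a verdict when a relationship is missing, so an incomplete relationship table produces a lower-confidence alarm instead of a drop.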

Slide 23: Known routing problems from NANOG: instability
 Date: Oct. 5, 2005
 Observations: Level 3 (AS 3356) terminated its peering relation with Cogent (AS 174)
 Reported by Route Normalizer
   From Level 3’s perspective, 1063 (100%) distinct prefixes withdrawn from AS 174, reported as anomalous routing behavior

Slide 24: Outline
 Design of Route Normalizer
 Functionality of Route Normalizer
 Prototype implementation and evaluation
 Empirical evaluation using BGP data
 Discussion

Slide 25: Discussion
 Attacks towards Route Normalizer
   Resource-overload attacks via increasing routing instability: assign penalties to detect malicious peers
   Announcing maliciously long AS paths to increase computation: optimize the AS relationship checking process
 Raising alarms
 Deployment with a centralized routing decision platform, e.g. RCP

Slide 26: Conclusion
 Developed a platform for BGP traffic normalization
 Proposed the use of routing anomaly detection to achieve more robust routing
 Performed extensive correlation between NANOG-reported routing problems and anomaly detection using BGP data

Slide 27: Thank you! Questions?