Presentation is loading. Please wait.

Presentation is loading. Please wait.

Detecting Attacks on Internet Infrastructure and Monitoring of Service Restoration in Real Time Andy Ogielski FCC Workshop on Cyber Security 30 September.

Published byPhyllis Britney Parker Modified over 8 years ago

Similar presentations

Presentation on theme: "Detecting Attacks on Internet Infrastructure and Monitoring of Service Restoration in Real Time Andy Ogielski FCC Workshop on Cyber Security 30 September."— Presentation transcript:

1 Detecting Attacks on Internet Infrastructure and Monitoring of Service Restoration in Real Time Andy Ogielski FCC Workshop on Cyber Security 30 September 2009

2 © 2009 Renesys Corporation FCC Presentation2 Threats to Internet Infrastructure Focus on threats to Internet Infrastructure – as opposed to threats to end systems (viruses, malware, fraud, data exfiltration, etc). The state of the Internet Infrastructure can be continuously measured – on the national and global scale. Response and restoration require accurate “who is who” directories and maps of network owners and operators. Objective metrics and scores can track compliance with policies and reliability goals.

3 © 2009 Renesys Corporation FCC Presentation3 Internet Connectivity Threats Poorly understood by cyber security community Physical problems (Physical Infrastructure: Natural, accidental or intentional destruction) Earthquakes, Anchors/Backhoes, Hurricanes, Bombs Routing Vulnerabilities (Logical Infrastructure: if routers do not direct traffic correctly, Internet is broken) Insecure BGP Routing Protocol, Misconfigurations, Bugs, Exploits Business Conflicts (Competing providers can refuse to exchange their customers’ traffic - depeerings) Recent depeerings between certain tier-1 providers left thousands of their “captive” customers without capability of connecting to one another – partitioning of the Internet.

4 © 2009 Renesys Corporation FCC Presentation4 The state of the Internet can be monitored at all times Outages and restoration data can be tracked with precision

5 © 2009 Renesys Corporation FCC Presentation5 Recorded incidents illustrate the potential of cyber attacks Spread of malformed router-to-router messages triggers worldwide failures of certain router models until the culprits recognize their error & turn the box off. A single “bad” router can cause 10-fold routing instability increase, globally, in minutes... Many worse incidents on record: False routes can be injected, traffic hijacked. Aug 2009 incident Feb 2009 incident

6 © 2009 Renesys Corporation FCC Presentation6 Objective metrics can measure compliance with policies Example metric - based on continuous measurements - for quantifying the agreement between officially registered routing policies and actually observed routing for every network prefix in every country.

7 © 2009 Renesys Corporation FCC Presentation7 Internet Connectivity Threats Trends & Prognosis Physical problems (Physical Infrastructure: Natural, accidental or intentional destruction) Earthquakes, Anchors/Backhoes, Hurricanes, Bombs Prognosis is improving. Need bandwidth & constant attention. Routing Vulnerabilities (Logical Infrastructure: if routers do not direct traffic correctly, Internet is broken) Insecure BGP Routing Protocol, Misconfigurations, Bugs, Exploits Best we can do now is monitor and respond quickly. Prognosis is dismal. Need a manageable path to secure routing. Business Conflicts (Competing providers can refuse to exchange traffic - depeerings) Prognosis is improving. Measure diversity within Internet provider markets. Consider defining "too big to fail."

8 © 2009 Renesys Corporation FCC Presentation8 Additional Information More examples of infrastructure vulnerabilities and ways to address them at www.renesys.com

Download ppt "Detecting Attacks on Internet Infrastructure and Monitoring of Service Restoration in Real Time Andy Ogielski FCC Workshop on Cyber Security 30 September."

Similar presentations

ABSTRACT Due to the Internets sheer size, complexity, and various routing policies, it is difficult if not impossible to locate the causes of large volumes.

ABSTRACT Due to the Internets sheer size, complexity, and various routing policies, it is difficult if not impossible to locate the causes of large volumes.
The Role of a Registry Certificate Authority Some Steps towards Improving the Resiliency of the Internet Routing System: The Role of a Registry Certificate.

The Role of a Registry Certificate Authority Some Steps towards Improving the Resiliency of the Internet Routing System: The Role of a Registry Certificate.
Improving Internet Availability. Some Problems Misconfiguration Miscoordination Efficiency –Market efficiency –Efficiency of end-to-end paths Scalability.

Improving Internet Availability. Some Problems Misconfiguration Miscoordination Efficiency –Market efficiency –Efficiency of end-to-end paths Scalability.
Internet Availability Nick Feamster Georgia Tech.

Internet Availability Nick Feamster Georgia Tech.
Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.
A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”

A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”
1/27 Evaluating Potential Routing Diversity for Internet Failure Recovery *Chengchen Hu, + Kai Chen, + Yan Chen, *Bin Liu *Tsinghua University, + Northwestern.

1/27 Evaluating Potential Routing Diversity for Internet Failure Recovery *Chengchen Hu, + Kai Chen, + Yan Chen, *Bin Liu *Tsinghua University, + Northwestern.
1www.skyboxsecurity.com Skybox Cyber Security Best Practices Three steps to reduce the risk of Advanced Persistent Threats With continuing news coverage.

1www.skyboxsecurity.com Skybox Cyber Security Best Practices Three steps to reduce the risk of Advanced Persistent Threats With continuing news coverage.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—1-1 Module Summary BGP has reliable transport provided by TCP, a rich set of metrics called BGP.

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—1-1 Module Summary BGP has reliable transport provided by TCP, a rich set of metrics called BGP.
Zhaobo Zhang Huawei Technologies (USA) 2014-09-11.

Zhaobo Zhang Huawei Technologies (USA)
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Interdomain Routing Security COS 461: Computer Networks Michael Schapira.

Interdomain Routing Security COS 461: Computer Networks Michael Schapira.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Global Information Security Issues According to the E&Y Global Survey, Managers Say the Right Thing… –90% of 1400 companies surveyed in 66 countries say.

Global Information Security Issues According to the E&Y Global Survey, Managers Say the Right Thing… –90% of 1400 companies surveyed in 66 countries say.
Measurement in the Internet. Outline Internet topology Bandwidth estimation Tomography Workload characterization Routing dynamics.

Measurement in the Internet. Outline Internet topology Bandwidth estimation Tomography Workload characterization Routing dynamics.
Inter-domain Routing security Problems Solutions.

Inter-domain Routing security Problems Solutions.
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.

Similar presentations

Ads by Google