Are BGP Routers Open to Attack? An Experiment

Abstract : The BGP protocol is at the core of the routing infrastructure of the Internet. Across years, BGP has proved to be very stable for its purpose. However, there have been some catastrophic incidents in the past, due to relatively simple router misconfigurations. In addition, unused network addresses are being silently stolen for spamming purposes. A relevant corpus of literature investigated threats in which a trusted BGP router injects malicious or wrong routes and some security improvement to the BGP protocol have also being proposed to make these attacks more difficult to perform. In this work, we perform a large-scale study to explore the validity of the hypothesis that it is possible to mount attacks against the BGP infrastructure without already having the control of a “trusted” BGP router. Even though we found no real immediate threat, we observed a large number of BGP routers that are available to engage in BGP communication, exposing themselves to potential Denial-of-Service attacks.
Document type :
Conference papers
Complete list of metadatas

Cited literature [22 references]  Display  Hide  Download

https://hal.inria.fr/hal-01581336
Contributor : Hal Ifip <>
Submitted on : Monday, September 4, 2017 - 3:07:26 PM
Last modification on : Wednesday, August 7, 2019 - 12:18:08 PM

File

978-3-642-19228-9_8_Chapter.pd...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Ludovico Cavedon, Christopher Kruegel, Giovanni Vigna. Are BGP Routers Open to Attack? An Experiment. 1st Open Research Problems in Network Security (iNetSec), Mar 2010, Sofia, Bulgaria. pp.88-103, ⟨10.1007/978-3-642-19228-9_8⟩. ⟨hal-01581336⟩

Share

Metrics

Record views

62

Files downloads

258