Malicious MPLS Policy Engine Reconnaissance

Abstract: Multi-Protocol Label Switching (MPLS) is widely used on telecommunications carrier and service provider backbone networks, complex network infrastructures, and also for the interconnection of distributed sites requiring guaranteed quality of service (QoS) and service levels such as the financial services sector, government and public safety, or control networks such as the electric power grid. MPLS is a policy-based system wherein router behaviour is determined not only by the base protocols, but also by a set of further policies that network operators will typically wish not to reveal. However, sophisticated adversaries are known to conduct network reconnaissance years before executing actual attacks, and may also wish to conduct deniable attacks that may not be visible as such, appearing instead as service degradation, or that will cause re-configuration of paths in the interest of the attacker. In this paper we therefore describe a probing algorithm and a model of MPLS state space allowing an adversary to learn about the policies and policy state of an MPLS speaker. In spite of the restrictions on the adversary, our probing algorithm revealed the policy states of non-directly connected routers. We also analyse the confirmed information using a Bayesian network and provide simulative validation of our findings.
Document type:
Conference paper
Bart Decker; André Zúquete. 15th IFIP International Conference on Communications and Multimedia Security (CMS), Sep 2014, Aveiro, Portugal. Springer, Lecture Notes in Computer Science, LNCS-8735, pp.3-18, 2014, Communications and Multimedia Security. 〈10.1007/978-3-662-44885-4_1〉

Cited literature [20 references]

https://hal.inria.fr/hal-01404180
Contributor: Hal Ifip
Submitted on: Monday, 28 November 2016 - 14:44:06
Last modified on: Monday, 28 November 2016 - 14:45:27
Document(s) archived on: Tuesday, 21 March 2017 - 11:45:04

File

978-3-662-44885-4_1_Chapter.pd...
Files produced by the author(s)

License


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Abdulrahman Al-Mutairi, Stephen Wolthusen. Malicious MPLS Policy Engine Reconnaissance. Bart Decker; André Zúquete. 15th IFIP International Conference on Communications and Multimedia Security (CMS), Sep 2014, Aveiro, Portugal. Springer, Lecture Notes in Computer Science, LNCS-8735, pp.3-18, 2014, Communications and Multimedia Security. 〈10.1007/978-3-662-44885-4_1〉. 〈hal-01404180〉

Metrics

Record views

88

File downloads

6