Are BGP Routers Open to Attack? An Experiment

Abstract : The BGP protocol is at the core of the routing infrastructure of the Internet. Across years, BGP has proved to be very stable for its purpose. However, there have been some catastrophic incidents in the past, due to relatively simple router misconfigurations. In addition, unused network addresses are being silently stolen for spamming purposes. A relevant corpus of literature investigated threats in which a trusted BGP router injects malicious or wrong routes and some security improvement to the BGP protocol have also being proposed to make these attacks more difficult to perform. In this work, we perform a large-scale study to explore the validity of the hypothesis that it is possible to mount attacks against the BGP infrastructure without already having the control of a “trusted” BGP router. Even though we found no real immediate threat, we observed a large number of BGP routers that are available to engage in BGP communication, exposing themselves to potential Denial-of-Service attacks.
Type de document :
Communication dans un congrès
Jan Camenisch; Valentin Kisimov; Maria Dubovitskaya. 1st Open Research Problems in Network Security (iNetSec), Mar 2010, Sofia, Bulgaria. Springer, Lecture Notes in Computer Science, LNCS-6555, pp.88-103, 2011, Open Research Problems in Network Security. 〈10.1007/978-3-642-19228-9_8〉
Liste complète des métadonnées

Littérature citée [22 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01581336
Contributeur : Hal Ifip <>
Soumis le : lundi 4 septembre 2017 - 15:07:26
Dernière modification le : lundi 4 septembre 2017 - 15:09:11

Fichier

978-3-642-19228-9_8_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Ludovico Cavedon, Christopher Kruegel, Giovanni Vigna. Are BGP Routers Open to Attack? An Experiment. Jan Camenisch; Valentin Kisimov; Maria Dubovitskaya. 1st Open Research Problems in Network Security (iNetSec), Mar 2010, Sofia, Bulgaria. Springer, Lecture Notes in Computer Science, LNCS-6555, pp.88-103, 2011, Open Research Problems in Network Security. 〈10.1007/978-3-642-19228-9_8〉. 〈hal-01581336〉

Partager

Métriques

Consultations de la notice

34

Téléchargements de fichiers

14