Preventing Attacks on BGP Policies: One Bit is Enough

Show full item record

Please use this identifier to cite or link to this item: http://hdl.handle.net/1853/38920

Title: Preventing Attacks on BGP Policies: One Bit is Enough
Author: Sundaresan, Srikanth ; Lychev, Robert ; Valancius, Vytautas
Abstract: The Internet is comprised of many autonomous systems (AS) managed by independent entities that use the Border Gateway Protocol (BGP) to route their traffic. Although it is the de facto standard for establishing paths across the Internet, BGP is not a secure protocol and the Internet infrastructure often experiences attacks, such as prefix hijacking and attribute mangling, incurring great costs to ASes that experience them. Various solutions have been proposed in response to these attacks, such as Secure BGP, but they do not address traffic attraction attacks that stem from export policy violations. In these attacks, malicious ASes can introduce paths that are legitimate from the protocol standpoint and yet malicious to the users of that protocol. Although these attacks have been studied before, no solution has yet been proposed. In this paper, we thoroughly characterize this set of attacks and propose a very lightweight and effective scheme to address them. Our scheme requires no manual configuration. We show that even if only a small fraction of ASes deploy our scheme, the amount of possible attacks reduces by on order of magnitude.
Type: Technical Report
URI: http://hdl.handle.net/1853/38920
Date: 2011
Contributor: Georgia Institute of Technology. College of Computing
Georgia Institute of Technology. School of Computer Science
Relation: SCS Technical Report ; GT-CS-11-07
Publisher: Georgia Institute of Technology
Subject: Algebra and dynamic network routing
BGP traffic attraction attacks
Border gateway protocol (BGP)
Economic aspects of the Internet
Secure border gateway protocol (S-BGP)

All materials in SMARTech are protected under U.S. Copyright Law and all rights are reserved, unless otherwise specifically indicated on or in the materials.

Files in this item

Files Size Format View
GT-CS-11-07.pdf 443.1Kb PDF View/ Open

This item appears in the following Collection(s)

Show full item record