1 / 7

Challenge: Securing Routing Protocols

Challenge: Securing Routing Protocols. Adrian Perrig perrig@cmu.edu. Why Secure Routing?. Deployed routing protocols assume a trusted environment! Even misconfigurations can severely disrupt routing protocols Secure routing properties Reduce misconfiguration impact

Ava
Download Presentation

Challenge: Securing Routing Protocols

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Challenge: SecuringRouting Protocols Adrian Perrig perrig@cmu.edu

  2. Why Secure Routing? • Deployed routing protocols assume a trusted environment! • Even misconfigurations can severely disrupt routing protocols • Secure routing properties • Reduce misconfiguration impact • Robust against compromised nodes (Byzantine failures) • Only legitimate nodes participate in forwarding • Prevent attackers from injecting bogus routes

  3. Secure Routing Illustration C J G A A D S E I B B H F F

  4. Secure Ad Hoc Network Routing Protocols • SEAD: Secure Efficient Ad hoc Distance vector routing protocol [WMCSA 2002] • Ariadne: secure on-demand routing protocol[Mobicom 2002] • New routing attacks • Wormhole attack [Infocom 2003] • Rushing attack • Joint work with Yih-Chun Hu and David Johnson

  5. Secure Sensor Network Routing • Challenges • Energy constraints invite DoS attacks • Memory and bandwidth constraints prevent using sophisticated routing protocols • Compromised nodes may inject malicious messages or drop data traffic • Current approach: combine probabilistic routing with multi-path routing

  6. Secure Internet Routing • Challenges • Legacy systems • Untrusted domains, complicated trust relationships • Even misconfigurations can significantly perturb Internet routing • Current project: use efficient cryptographic techniques to verify BGP routing updates

  7. Research Directions • Today we enumerate attacks and protect against them • To start securing BGP, RPsec IETF working group is establishing a list of BGP vulnerabilities • We need to establish metrics • Allows comparison of protocols • Study security properties vs performance • Measure effectiveness of DoS attacks • E.g., in sensor networks: attacker energy / network energy

More Related