220 likes | 414 Views
How Secure are Secure Interdomain Routing Protocols?. B96209044 大氣四 鍾岳霖 B97703099 財金三 婁瀚升. Outline. Introduction Model and Methodology Fooling BGP Security Protocols Smart Attraction Attack Smart Interception Attack Smart Attack Are Not Optimal Finding Optimal Attack is Hard
E N D
How Secure are Secure Interdomain Routing Protocols? B96209044 大氣四 鍾岳霖 B97703099 財金三 婁瀚升
Outline • Introduction • Model and Methodology • Fooling BGP Security Protocols • Smart Attraction Attack • Smart Interception Attack • Smart Attack Are Not Optimal • Finding Optimal Attack is Hard • Implementation Issues • Conclusion
Introduction • BGP • Quantifying • Worst Case Comparison • Traffic Flow: Routing, Business, AS-path • Thinking like a Manipulator • Finding and Recommendations
Model and Methodology • Modeling Interdomain Routing • AS Graph • Establishing Path • Business Relationship: C > P2P > P • Modeling Routing Policies • Ranking: LP, SP, TB • Local Preference: GR3 , C > P2P > P • Export Policy: GR2,at least 1 Customer
Model and Methodology • Threat Model • 1 Manipulator • Normal ASes, Normal Path • Attration and Interception • Fraction Attracted • Attack Strategy: • Unavailable or Non-existent Path • Available but not Normal • Export Policies
Model and Methodology • Experiment on Empirical AS Graph • Average Case Analysis • Random Chosen Pairs • Multiple Dataset
Fooling BGP Security Protocols • BGP: No validation → False Path • Origin Authentication: Prefix Owner → Clain to be the closest • soBGP: OrAuth, Path Existence → Exist, Unavail.
Fooling BGP Security Protocols • S-BGP: Path Verification: abc if bc sent to a → Shorter Path • Data Plane Verification → Also Forward • Defensive Filter : No Stub
Smart Attraction Attack • Shortest-Path Export All • Underestimation • Defensive Filtering : Crucial • Different Strategy to Different Protocols
Smart Attraction Attack • SBGP: Hard to find Shorter, Not Opt. • Export Policy Matters More • Different Sized Manipulator : Tier 2 • Different Sized Victim : Tier 1 vs Tier2
Smart Interception Attack • A stub that creates a blackhole
Smart Interception Attack • Stub Make Blackhole : Failure • Blackhole or Not
Smart Interception Attack • 2 Strategies: • Shortest Available Path Export All • Hybrid Interception Attack Strategy • Evaluation
Smart Attack are Not Optimal • Longer Path might be better • Exporting less might be better • Gaming Loop Detection
But.... • Finding Optimal Attack : NP-Hard • Realistic ? • Implementation Issues • OrAuth with RPKI/ROA • Defendive Filtering in Practice • Trust Model
Conclusion • secure routing protocols (e.g., soBGP and S-BGP) should be deployed in combination with mechanismsthat police export policies (e.g., defensive filtering) • defensive filtering to eliminate attacks by stub ASes, and secure routing protocols to blunt attacks launched by larger ASes