BGP Attack Tree draft-convery-bgpattack-00.txt

Slides:

Advertisements

Similar presentations

OCTAVESM Process 4 Create Threat Profiles

Advertisements

ELTSS Alignment to Nationwide Interoperability Roadmap DRAFT: For Stakeholder Consideration in response to public comment.

OSG Computer Security Plans Irwin Gaines and Don Petravick 17-May-2006.

Ranking of security controlling strategies driven by quantitative threat analysis. Tavolo 2: "Big data security evaluation" UNIFI-CNR Nicola Nostro, Andrea.

Jeanne H. Espedalen Attack Trees Describing Security in Distributed Internet-Enabled Metrology.

(Project) SIGN OFF PROCESS June 21, 2010

Information Security Policies and Standards

Component-Level Design

These courseware materials are to be used in conjunction with Software Engineering: A Practitioner’s Approach, 6/e and are provided with permission by.

TechMIS LLC Proprietary Tracking Requirements And Compliance Engineering (TRACE ) Steve Collier/B. Squires/TechMIS LLC An affordable and user friendly.

Internet Technology: A Sampler Ramesh Johari Massachusetts Institute of Technology

By: Ashwin Vignesh Madhu

Lesson 19: Configuring Windows Firewall

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Every Solution Consultancy ISO 9001:2008 Certification IMPLEMENTATION Web:

Understanding of Automation Framework A Storehouse of Vast Knowledge on Software Testing and Quality Assurance.

Application Threat Modeling Workshop

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Information Security Awareness Levels of TAFE South Australia Employees Hong Chan Bachelor of IT ( Honours ) Supervisor: Dr Sameera Mubarak.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”.

G53SEC Computer Security Introduction to G53SEC 1.

Architecting secure software systems

1 Our Expertise and Commitment – Driving your Success An Introduction to Transformation Offering November 18, 2013 Offices in Boston, New York and Northern.

Information Systems Security Computer System Life Cycle Security.

HOMELAND SECURITY ADVISORY SYSTEM. Established after the terrorist attacks on America September 11, 2001.

1 Introduction to Security Chapter 5 Risk Management: The Foundation of Private Security.

BGP Attack Tree draft-convery-bgpattack-01.txt bgpattack-01.txt Sean Convery David Cook Matt Franz.

Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.

Certification and Accreditation CS Phase-1: Definition Atif Sultanuddin Raja Chawat Raja Chawat.

NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY 1 Integrated Enterprise-wide Risk Management Protecting Critical Information Assets and Records FIRM Forum.

Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:

Evaluation Plan New Jobs “How to Get New Jobs? Innovative Guidance and Counselling 2 nd Meeting Liverpool | 3 – 4 February L Research Institute Roula.

Cosc 513Presentation, Fall Network Security Student: Jianping He Student ID: Instructor: ProfessorAnvari Fall 2000.

Joint Session SG Security / OpenHAN SG Security WG Chair: Darren Reece Highfill

1 Figure 4-1: Targeted System Penetration (Break-In Attacks) Host Scanning  Ping often is blocked by firewalls  Send TCP SYN/ACK to generate RST segments.

S&I Standards Organization Engagement & Communication Plan DRAFT Standards Support Team 1 September 2011.

Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.

1 These courseware materials are to be used in conjunction with Software Engineering: A Practitioner’s Approach, 5/e and are provided with permission by.

Topic 5: Basic Security.

THE DEVIL IS IN THE (IMPLEMENTATION) DETAILS: AN EMPIRICAL ANALYSIS OF OAUTH SSO SYSTEMS SAN-TSAI SUN & KONSTANTIN BEZNOSOV PRESENTED BY: NAZISH KHAN COMPSCI.

HO © 2012 Fluor. All rights reserved. Quick Wins in Vulnerability Management Classification: Confidential Owner: Michael Holcomb Approver: Phil.

1 Updating the ESnet Site Coordinator Model (Presented to SLCCC, June, 2004) Joe Burrescia Mike Collins William E. Johnston DRAFT FOR COMMENT 7/19/04.

SEC835 Security in Databases and Web applications Presentation.

1 Chapter 16 Component-Level Design. 2 Component-Level Design  the closest design activity to coding  the approach: review the design description for.

Application Communities Phase II Technical Progress, Instrumentation, System Design, Plans March 10, 2009.

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Seetha Manickam Modified by Sarjana Singh.

1 These courseware materials are to be used in conjunction with Software Engineering: A Practitioner’s Approach, 5/e and are provided with permission by.

WebAuditor Training Kit. Introduction-WebAuditor  Process Automation tool for automating all internal quality audit activities.  Web based tool with.

Information Security Governance and Risk Chapter 2 Part 2 Pages 69 to 100.

Part 1: Corporate Operational benefits, Non-technical information for FSOs and ISSMs/ISSOs Part 2: Technical Tips on how to conduct a better audit review.

1 INTRA- AND INTERDOMAIN ROUTING Routing inside an autonomous system is referred to as intradomain routing. Routing between autonomous systems is referred.

Mobile IP 순천향대학교 전산학과 문종식

Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.

19 March 2003Page 1 BGP Vulnerabilities Draft March 19, 2003 Sandra Murphy

ON “SOFTWARE ENGINEERING” SUBJECT TOPIC “RISK ANALYSIS AND MANAGEMENT” MASTER OF COMPUTER APPLICATION (5th Semester) Presented by: ANOOP GANGWAR SRMSCET,

Risk Assessments in Many Flavors George J. Dolicker, CISA, CISSP.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 17 – IT Security.

© ITT Educational Services, Inc. All rights reserved. IS4680 Security Auditing for Compliance Unit 1 Information Security Compliance.

MANAGEMENT of INFORMATION SECURITY, Fifth Edition

CS457 Introduction to Information Security Systems

Information Security, Theory and Practice.

Risk management.

Understanding of Automation Framework

Goals of soBGP Verify the origin of advertisements

Change Control Process—I

SECURITY SYSTEMS WITHOUT KEYS!!

Security in Networking

Security in SDR & cognitive radio

(Project) SIGN OFF PROCESS MONTH DAY, YEAR

Presentation transcript:

BGP Attack Tree draft-convery-bgpattack-00.txt Sean Convery David Cook Matt Franz

Motivations Develop formal analysis of potential threats to and using BGP Create threat profile useful for evaluating BGP security improvements Provide foundation for vulnerability testing of new and existing BGP implementations Facilitate repeatable testing methodology by third parties Organize the material in a modular and reusable way

Why Attack Trees? Provide well documented method of exploring every possibility an adversary has (technical and non-technical). Data presentation in tree format allows: –Easy gap identification –Selective elaboration based on location in the tree –Ability to assign attributes for nodes of the tree: Impact of the attack Ease of attack execution Cost of the attack Presence of countermeasures (such as best practices) Access/trust requirements to conduct attack

Attack Tree Example Goal: Gain unauthorized physical access to building Attack: OR 1. Unlock door with key OR 1. Steal Key 2. Social Engineering OR 1. Borrow key 2. Convince locksmith to unlock door 2. Pick lock 3. Break window 4. Follow authorized individual into building OR 1. Act like you belong and follow someone else 2. Befriend someone authorized outside a building 3. Appear in need of assistance (such as carrying a large box) AND 4. Wear appropriate clothing for the location

Attack Tree Example (Graphical) Graphic tree representations are generated from the source attack tree. Blue = OR Red = AND

Reset a Single BGP Session Attack: OR 1. Send message to router causing reset OR 1. Send RST message to TCP stack 2. Send BGP Message OR 1. Notify 2. Open 3. Keepalive AND 3. TCP Sequence number Attack (Appendix A.4) 2. Alter configuration via compromised router (Appendix A.1)

Reset a Single BGP Session (Graphical) Blue = OR Red = AND

Next Steps Incorporate feedback on draft Ensure completeness of attack tree Coordinate with other threat drafts Thanks!