Presentation is loading. Please wait.

Presentation is loading. Please wait.

COS 561: Advanced Computer Networks

Published byCandice Cox Modified over 5 years ago

Similar presentations

Presentation on theme: "COS 561: Advanced Computer Networks"— Presentation transcript:

1 COS 561: Advanced Computer Networks
BGP Security Jennifer Rexford Fall 2016 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks

2 Example “Prefix Hijacking” Attack
YouTube Outage of February 24, 2008

3 February 24, 2008, YouTube Outage
YouTube (AS 36561) Web site Address block /22 Pakistan Telecom (AS 17557) Receives government order to block access to YouTube Starts announcing /24 to PCCW (AS 3491) All packets directed to YouTube get dropped on the floor Mistakes were made AS 17557: announcing to everyone, not just customers AS 3491: not filtering routes announced by AS 17557 Lasted 100 minutes for some, 2 hours for others

4 Timeline (UTC Time) 18:47:45 18:48:00 18:49:30 20:07:25 20:08:30
First evidence of hijacked /24 route propagating in Asia 18:48:00 Several big trans-Pacific providers carrying the route 18:49:30 Bogus route fully propagated 20:07:25 YouTube starts advertising the /24 to attract traffic back 20:08:30 Many (but not all) providers are using the valid route

5 Timeline (UTC Time) 20:18:43 20:19:37 20:50:59 20:59:39 21:00:00
YouTube starts announcing two more-specific /25 routes 20:19:37 Some more providers start using the /25 routes 20:50:59 AS starts prepending (“ ”) 20:59:39 AS 3491 disconnects AS 17557 21:00:00 All is well, videos of cats flushing toilets are available

6 Lessons From the Example
BGP is incredibly vulnerable Local actions have serious global consequences Propagating misinformation is surprisingly easy Fixing the problem required vigilance Monitoring to detect and diagnose the problem Immediate action to (try to) attract the traffic back Longer-term cooperation to block/disable the attack Preventing these problems is even harder Require all ASes to perform defensive filtering? Automatically detect and stop bogus route? Require proof of ownership of the address block?

7 BGP Attacks

8 Prefix Hijacking Originating someone else’s prefix 12.34.0.0/16
What fraction of the Internet believes it? 1 2 3 4 5 6 7 /16 /16

9 Sub-Prefix Hijacking 12.34.0.0/16 12.34.158.0/24
7 /16 /24 Originating a more-specific prefix Every AS picks the bogus route for that prefix Traffic follows the longest matching prefix

10 Interception Attack

11 Bogus AS Paths to Hide Hijacking
Adds AS hop(s) at the end of the path E.g., turns “701 88” into “ ” Motivations Evade detection for a bogus route E.g., by adding the legitimate AS to the end Hard to tell that the AS path is bogus… Even if other ASes filter based on prefix ownership 701 3 /8 88 /8

12 Path-Shortening Attacks
Remove ASes from the AS path E.g., turn “ ” into “701 88” Motivations Make the AS path look shorter than it is Attract sources that normally try to avoid AS 3715 Help AS 88 look like it is closer to the Internet’s core Who can tell that this AS path is a lie? Maybe AS 88 *does* connect to AS 701 directly 701 3715 88 ?

13 Attacks that Add a Bogus AS Hop
Add ASes to the path E.g., turn “701 88” into “ ” Motivations Trigger loop detection in AS 3715 Denial-of-service attack on AS 3715 Or, blocking unwanted traffic coming from AS 3715! Make your AS look like is has richer connectivity Who can tell the AS path is a lie? AS 3715 could, if it could see the route AS 88 could, but would it really care as long as it received data traffic meant for it? 701 88

14 Violating “Consistent Export” to Peers
Peers require consistent export Prefix advertised at all peering points Prefix advertised with same AS path length Reasons for violating the policy Trick neighbor into “cold potato” Configuration mistake Main defense Analyzing BGP updates … or data traffic … for signs of inconsistency dest Bad AS BGP data src

15 Other Attacks Attacks on BGP sessions Resource exhaustion attacks
Confidentiality of BGP messages Denial-of-service on BGP session Inserting, deleting, modifying, or replaying messages Resource exhaustion attacks Too many IP prefixes (e.g., BGP “512K Day”) Too many BGP update messages Data-plane attacks Announce one BGP routes, but use another

16 Improving BGP Security

17 Solution Techniques Protective filtering Anomaly detection
Know your neighbors Anomaly detection Suspect the unexpected Checking against registries Establish ground truth for prefix origination Signing and verifying Prevent bogus AS PATHs Data-plane verification Ensure the path is actually followed

18 Route Attestations in Secure BGP
If AS a announced path abP then b announced bP to a Comcast: (IBM) Local: (Comcast, IBM) Princeton: (Local, Comcast, IBM) Public Key Infrastructure Princeton AT&T IBM Local ISP Comcast Comcast: (IBM) Comcast: (IBM) Local: (Comcast, IBM) Public Key Signature: Anyone who knows IBM’s public key can verify the message was sent by IBM. 18

19 Discussion of the Paper
BGP Security in Partial Deployment

Download ppt "COS 561: Advanced Computer Networks"

Similar presentations

A Threat Model for BGPSEC

A Threat Model for BGPSEC
A Threat Model for BGPSEC Steve Kent BBN Technologies.

A Threat Model for BGPSEC Steve Kent BBN Technologies.
BGP Policy Jennifer Rexford.

BGP Policy Jennifer Rexford.
CSE390 – Advanced Computer Networks

CSE390 – Advanced Computer Networks
Sign What You Really Care About - $ecure BGP AS Paths Efficiently Yang Xiang Zhiliang Wang Jianping Wu Xingang Shi Xia Yin Tsinghua University, Beijing.

Sign What You Really Care About - $ecure BGP AS Paths Efficiently Yang Xiang Zhiliang Wang Jianping Wu Xingang Shi Xia Yin Tsinghua University, Beijing.
Martin Suchara in collaboration with I. Avramopoulos and J. Rexford How Small Groups Can Secure Interdomain Routing.

Martin Suchara in collaboration with I. Avramopoulos and J. Rexford How Small Groups Can Secure Interdomain Routing.
 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.

 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.
A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”

A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”
Information-Centric Networks04c-1 Week 4 / Paper 3 A Survey of BGP Security Issues and Solutions –Kevin Butler, Toni Farley, Patrick McDaniel, and Jennifer.

Information-Centric Networks04c-1 Week 4 / Paper 3 A Survey of BGP Security Issues and Solutions –Kevin Butler, Toni Farley, Patrick McDaniel, and Jennifer.
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
Interdomain Routing Security COS 461: Computer Networks Michael Schapira.

Interdomain Routing Security COS 461: Computer Networks Michael Schapira.
Interdomain Routing Security Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays.

Interdomain Routing Security Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays.
Internet Routing (COS 598A) Today: Routing Protocol Security Jennifer Rexford Tuesdays/Thursdays.

Internet Routing (COS 598A) Today: Routing Protocol Security Jennifer Rexford Tuesdays/Thursdays.
Inter-domain Routing security Problems Solutions.

Inter-domain Routing security Problems Solutions.
Advanced Computer Networks cs538, Fall UIUC

Advanced Computer Networks cs538, Fall UIUC
1 Interdomain Routing Security COS 461: Computer Networks Spring 2008 (MW 1:30-2:50 in COS 105) Jennifer Rexford Teaching Assistants: Sunghwan Ihm and.

1 Interdomain Routing Security COS 461: Computer Networks Spring 2008 (MW 1:30-2:50 in COS 105) Jennifer Rexford Teaching Assistants: Sunghwan Ihm and.
Computer Networks Layering and Routing Dina Katabi

Computer Networks Layering and Routing Dina Katabi
Yaping Zhu with: Jennifer Rexford (Princeton University) Subhabrata Sen and Aman Shaikh (AT&T Labs-Research) Impact of Prefix-Match.

Yaping Zhu with: Jennifer Rexford (Princeton University) Subhabrata Sen and Aman Shaikh (AT&T Labs-Research) Impact of Prefix-Match.
9/15/2015CS622 - MIRO Presentation1 Wen Xu and Jennifer Rexford Department of Computer Science Princeton University Chuck Short CS622 Dr. C. Edward Chow.

9/15/2015CS622 - MIRO Presentation1 Wen Xu and Jennifer Rexford Department of Computer Science Princeton University Chuck Short CS622 Dr. C. Edward Chow.

Similar presentations

Ads by Google