1
Advanced Computer Networks cs538, Fall 2014 @ UIUC
Klara Nahrstedt
Lecture 11, October 2, 2014
Based on:
  A Survey of BGP Security Issues and Solutions, Butler et al., Proceedings of the IEEE, 2010
  Prior lecture material by Brighten Godfrey and Matt Caesar
  Worldwide Infrastructure Security Report, Arbor Networks Inc. Special Report, Volume IX, October 2012 to October 2013
2
Announcements Midterm – Take-Home Exam
Exam will be posted Monday, October 6, 8am on Piazza.
Deadline for Midterm submission will be Wednesday, October 8, 8am.
Exam must be individual effort (no group work)!
Exam must be written and submitted electronically (pdf) to
Exam will include questions from mandatory papers from August 28 to October 2.
Mandatory paper is the first paper in each lecture.
3
Outline
  BGP Attacks
  BGP Security Solutions
4
Network security
Where was security in the design of the original Internet protocols?
  Virtually nowhere!
  All the core protocols (IP, TCP, DNS, BGP) have trivial, glaring vulnerabilities
When security really matters, rely on end-to-end mechanisms
  Public key cryptography & certificate authorities
With e2e security, what can an attack on BGP still do?
5
Attacks on Internet routing
What are some of the BGP attacks? At least three categories:
Denial of service
  announce “more attractive” path (what does that mean?)
  e.g., more-specific prefix; shorter path; “cheaper” path
Eavesdropping
  like DoS, a kind of traffic attraction
  but somehow get data to destination or impersonate it
Evasion of accountability
  steal someone’s prefix or an unused one; send spam; disappear!
6
BGP Refresh IP Prefixes and AS numbers
Announcement messages advertise that a new route is available
Withdrawal messages advertise that a route no longer exists
Path-vector routing
7
IP Prefixes and AS Numbers - Attacks
Announcement of prefix /16 originating from valid AS6 (a) regular announcement, (b) malicious advertisement from AS1
8
BGP Security Attacks
Attacks on IP Prefixes and AS Numbers
  Prefix hijacking
  Black Hole
  Impersonate attack
  Interception attack
Attacks on TCP as BGP Transport
  Attacks on confidentiality (eavesdrop)
  Attacks on integrity (man in the middle, modify and replay attacks)
Deaggregation Attack: Because AS1 advertises a longer (more specific) prefix for address block /17, it will be preferred over the shorter advertised block /16 even if it is invalid (example: Pakistan Telecom attack on YouTube)
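Why the deaggregation attack works, and how a monitor can flag it, as an added example that is not part of the original slides. The slide's actual prefix is not shown, so the 10.10.0.0 blocks and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed routing table: (prefix, origin AS). AS6 is the valid origin,
# AS1 announces the more-specific half, as in the slide's scenario.
RIB = [
    (ipaddress.ip_network("10.10.0.0/16"), 6),
    (ipaddress.ip_network("10.10.0.0/17"), 1),
]

def forwarding_origin(rib, dst):
    """Longest-prefix match: return the origin AS that traffic to dst follows."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, asn) for net, asn in rib if addr in net]
    if not matches:
        return None
    # The most specific (longest) matching prefix always wins, valid or not.
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def subprefix_conflicts(rib):
    """Flag more-specific routes whose origin differs from a covering route."""
    alerts = []
    for net, asn in rib:
        for cover, cover_asn in rib:
            if net != cover and net.subnet_of(cover) and asn != cover_asn:
                alerts.append((str(net), asn, str(cover), cover_asn))
    return alerts

if __name__ == "__main__":
    print(forwarding_origin(RIB, "10.10.5.1"))    # inside the /17
    print(forwarding_origin(RIB, "10.10.200.1"))  # only covered by the /16
    print(subprefix_conflicts(RIB))
```

Only the half of the /16 covered by the /17 is diverted; the rest still reaches AS6, which is why partial outages are a typical symptom.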
9
BGP Security Today
Byzantine Problems – need Byzantine Robustness
Existing Security Solutions
  Cryptographic techniques for BGP Security
    Pairwise keys, cryptographic hash functions, message authentication codes, public key infrastructure, certificates and attestations
  Protecting BGP Sessions Between Pairs of Routers
    MD5 Integrity, Session and Message Protection, IPSec, Generalized TTL Security Mechanism
  Others
    Generalized TTL Security Mechanism
10
Best Current Practices within Network Infrastructure
11
Three approaches to BGP security
1. Defensive filtering
2. Secure BGP (S-BGP)
Many others not discussed here
  Active area of research over the last decade
  Many tradeoffs, especially in deployment issues
12
1. Defensive filtering
Most commonly used class of techniques
Typical implementation
  Filter routes received from customers/peers
  Requires assumptions about what they should be advertising
  Imperfect, requires human maintenance
Arbor Networks survey 2012:
  76% filter from customers
  55% filter from peers
  57% monitor for hijacks
Arbor Networks survey 2013
13
1. Defensive filtering
Easy for “stub” customers to whom you delegated a prefix
Hard for customers with customers of their own, multiple changing sets of prefixes, etc.
[Figure: AS hierarchy with Tier 1’s, Mid-tier, and Stub / Leaf levels, labeled “filtering difficult” and “filtering feasible”]
14
1. Defensive filtering
Pretty Good BGP [Karlin, Forrest, Rexford, ICNP’06]
  Deprioritize “novel” routes for a period (e.g. 24 hours)
  Routers prefer older (known) routes
  May still pick new route if it’s the only option
Why does this help?
Advantages
  Raises the bar for attacker: route must persist
  Gives time for response
  No protocol changes for deployment
Disadvantages?
15
1. Defensive filtering
Pretty Good BGP [Karlin, Forrest, Rexford, ICNP’06]
Take-away points
  Prioritization is important: not just good vs. bad route
  Think about human-level solutions
  Number of suspicious advertisements is only about 50/day vs. O(400k/day) total
[Figure: Average number of announcements (per day) classified as suspicious, using a suspicious period of 1 day and a variety of history periods]
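The deprioritization rule from the Pretty Good BGP slides, as an added sketch that is not code from the PGBGP authors or the lecture. It tracks novelty per (prefix, origin AS) pair only and omits history expiry; the class and function names and the sample routes are assumptions.

```python
from datetime import datetime, timedelta

SUSPICIOUS_PERIOD = timedelta(hours=24)  # the "e.g. 24 hours" from the slide

class OriginHistory:
    """Remembers when each (prefix, origin AS) pair was first seen."""
    def __init__(self):
        self.first_seen = {}

    def observe(self, prefix, origin, now):
        self.first_seen.setdefault((prefix, origin), now)

    def is_suspicious(self, prefix, origin, now):
        seen = self.first_seen.get((prefix, origin))
        return seen is None or now - seen < SUSPICIOUS_PERIOD

def select_route(history, prefix, candidates, now):
    """candidates: list of (origin_as, as_path_len) tuples for one prefix.

    Known origins are preferred even over shorter novel paths; a novel
    route is used only when it is the sole way to reach the prefix.
    """
    for origin, _ in candidates:
        history.observe(prefix, origin, now)
    trusted = [c for c in candidates
               if not history.is_suspicious(prefix, c[0], now)]
    pool = trusted or candidates          # fall back if nothing is trusted
    return min(pool, key=lambda c: c[1])  # then the usual shortest path

if __name__ == "__main__":
    t0 = datetime(2014, 10, 2, 12, 0)     # constructed timeline
    hist = OriginHistory()
    hist.observe("10.10.0.0/16", 6, t0 - timedelta(days=10))
    routes = [(6, 4), (1, 2)]             # AS1 is novel but has a shorter path
    print(select_route(hist, "10.10.0.0/16", routes, t0))
    print(select_route(hist, "10.10.0.0/16", routes, t0 + timedelta(hours=25)))
```

The second call shows the slide's "route must persist" point: once the novel origin has survived the suspicious period unchallenged, it competes normally.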
16
2. S-BGP
Scheme
  Origin Authentication + hop-by-hop cryptographic validation
Deployment challenges
  Requires PKI
  Requires significant computational resources
Route Attestation in S-BGP. As UPDATE messages are passed between peers, the receiving peer signs the received message before passing it to another neighbor. Result is “onion-style” attestation that contains signatures from all routers along the path.
[Diagram from Butler, Farley, McDaniel, Rexford, Proc. IEEE, 2010]
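The onion-style nesting of route attestations, as an added example that is not S-BGP code or part of the original slides. HMAC with constructed per-AS keys stands in for the public-key signatures and PKI that S-BGP requires, and binding each layer to the next AS follows the S-BGP design rather than the slide text; AS numbers and names are assumptions.

```python
import hashlib
import hmac

# Constructed per-AS keys. HMAC is a stand-in for each AS's private-key
# signature; real S-BGP verifies with certified public keys from a PKI.
KEYS = {asn: f"demo-key-AS{asn}".encode() for asn in (6, 5, 3)}

def _sign(asn, prefix, path, next_as, inner):
    msg = f"{prefix}|{','.join(map(str, path))}|{next_as}|".encode() + inner
    return hmac.new(KEYS[asn], msg, hashlib.sha256).digest()

def attest(prefix, path, next_as, attestations):
    """The AS at the end of `path` (origin first) signs the path so far, the
    neighbor it is sending to, and the previous layer, then appends its own."""
    inner = attestations[-1] if attestations else b""
    return attestations + [_sign(path[-1], prefix, path, next_as, inner)]

def verify(prefix, path, receiver, attestations):
    """Recompute every layer from the origin outward; any edit breaks a layer."""
    if len(attestations) != len(path):
        return False
    inner = b""
    for i, asn in enumerate(path):
        if asn not in KEYS:               # no credential known for this AS
            return False
        next_as = path[i + 1] if i + 1 < len(path) else receiver
        expected = _sign(asn, prefix, path[: i + 1], next_as, inner)
        if not hmac.compare_digest(expected, attestations[i]):
            return False
        inner = attestations[i]
    return True

if __name__ == "__main__":
    p = "10.10.0.0/16"                    # constructed prefix
    att = attest(p, [6], 5, [])           # AS6 originates, sends to AS5
    att = attest(p, [6, 5], 3, att)       # AS5 forwards to AS3
    att = attest(p, [6, 5, 3], 2, att)    # AS3 forwards to AS2
    print(verify(p, [6, 5, 3], 2, att))               # intact path
    print(verify(p, [6, 3], 2, [att[0], att[2]]))     # AS5 stripped out
```

Each UPDATE costs one signature per hop to create and one verification per layer to check, which is the computational burden the slide lists as a deployment challenge.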
17
Not just malicious attackers
Many or most high-profile outages likely just configuration errors
Natural correspondence between attackers and bugs
  behavior unknown ahead of time
  defense is to limit and contain worst-case effects
What about a bug in the protocol?
  worst-case scenario: zero-day exploit on large fraction of routers across the entire Internet
  many are running the same software!
Better assume the worst...
Bugs aren’t just in config, you know. Could also be in protocol or implementation of it.
18
Case Study of BGP Problems
Thai telecom
Communications Authority of Thailand (AS4651), CAT Telecom, was completely offline for over three hours on Saturday during the Government’s crackdown on the protestors. In a series of three outages, CAT stopped providing Internet transit to 204 routes at 8:30 UTC, 207 routes at 8:48 UTC and finally lost service to 906 routes at 8:52 UTC. In total, the outages left Thailand with 32% of its Internet path down until restoration occurred at 12:11 UTC.
19
Discussion
Many flaws in routing. Which are critical?
Incentives to adopt secure routing?
Partial deployment crucial. Issues?
Given all this, why does the Internet work so well?