
BGP Attack Tree draft-convery-bgpattack-00.txt


1 BGP Attack Tree draft-convery-bgpattack-00.txt
  http://trinux.sourceforge.net/draft-convery-bgpattack-00.html
  http://trinux.sourceforge.net/draft-convery-bgpattack-00.txt
  Sean Convery
  David Cook
  Matt Franz

2 Motivations
  Develop formal analysis of potential threats to and using BGP
  Create threat profile useful for evaluating BGP security improvements
  Provide foundation for vulnerability testing of new and existing BGP implementations
  Facilitate repeatable testing methodology by third parties
  Organize the material in a modular and reusable way

3 Why Attack Trees?
  Provide well documented method of exploring every possibility an adversary has (technical and non-technical).
  Data presentation in tree format allows:
  – Easy gap identification
  – Selective elaboration based on location in the tree
  – Ability to assign attributes for nodes of the tree:
      Impact of the attack
      Ease of attack execution
      Cost of the attack
      Presence of countermeasures (such as best practices)
      Access/trust requirements to conduct attack
  http://www.ddj.com/documents/s=896/ddj9912a/9912a.htm
  http://www.cert.org/archive/pdf/01tn001.pdf

4 Attack Tree Example
Goal: Gain unauthorized physical access to building
Attack:
OR 1. Unlock door with key
   OR 1. Steal Key
      2. Social Engineering
         OR 1. Borrow key
            2. Convince locksmith to unlock door
   2. Pick lock
   3. Break window
   4. Follow authorized individual into building
      OR 1. Act like you belong and follow someone else
         2. Befriend someone authorized outside a building
         3. Appear in need of assistance (such as carrying a large box)
     AND 4. Wear appropriate clothing for the location
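Added example, not part of the original slides or the draft: the node attributes from slide 3 (cost, presence of countermeasures) applied to the slide 4 tree to find the cheapest path that is still open, which shows where the next countermeasure pays off. All cost values are constructed, the node name "Get someone to let you in" is hypothetical, and reading the AND as joining item 4 to the OR group above it is an assumption.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

@dataclass
class Node:
    name: str
    op: str = "LEAF"               # "OR", "AND" or "LEAF"
    children: List["Node"] = field(default_factory=list)
    cost: int = 0                  # attacker cost, leaves only (constructed values)
    mitigated: bool = False        # countermeasure present, leaves only

def cheapest(node: Node) -> Optional[Tuple[int, List[str]]]:
    """Cheapest unmitigated way to achieve `node`, or None if every path is blocked."""
    if node.op == "LEAF":
        return None if node.mitigated else (node.cost, [node.name])
    results = [cheapest(c) for c in node.children]
    if node.op == "AND":           # every child is required
        if any(r is None for r in results):
            return None
        return sum(r[0] for r in results), [s for r in results for s in r[1]]
    reachable = [r for r in results if r is not None]   # OR: any child suffices
    return min(reachable, key=lambda r: r[0]) if reachable else None

def building_tree(mitigated=()) -> Node:
    """Slide 4 tree; costs are constructed, `mitigated` names leaves with a countermeasure."""
    def leaf(name, cost):
        return Node(name, cost=cost, mitigated=name in mitigated)
    return Node("Gain unauthorized physical access to building", "OR", [
        Node("Unlock door with key", "OR", [
            leaf("Steal key", 50),
            Node("Social engineering", "OR", [
                leaf("Borrow key", 20),
                leaf("Convince locksmith to unlock door", 80)])]),
        leaf("Pick lock", 35),
        leaf("Break window", 10),
        # Assumption: the AND joins "wear appropriate clothing" to the OR group.
        Node("Follow authorized individual into building", "AND", [
            Node("Get someone to let you in", "OR", [   # hypothetical node name
                leaf("Act like you belong and follow someone else", 5),
                leaf("Befriend someone authorized outside a building", 40),
                leaf("Appear in need of assistance", 15)]),
            leaf("Wear appropriate clothing for the location", 25)])])

if __name__ == "__main__":
    # Add countermeasures one at a time and watch the cheapest open path move.
    for fixed in [(), ("Break window",), ("Break window", "Borrow key")]:
        print(fixed, "->", cheapest(building_tree(fixed)))
```
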

5 Attack Tree Example (Graphical)
  Graphic tree representations are generated from the source attack tree.
  Blue = OR
  Red = AND

6 Reset a Single BGP Session
Attack:
OR 1. Send message to router causing reset
   OR 1. Send RST message to TCP stack
      2. Send BGP Message
         OR 1. Notify
            2. Open
            3. Keepalive
  AND 3. TCP Sequence number Attack (Appendix A.4)
   2. Alter configuration via compromised router (Appendix A.1)

7 Reset a Single BGP Session (Graphical)
  Blue = OR
  Red = AND

8 Next Steps
  Incorporate feedback on draft
  Ensure completeness of attack tree
  Coordinate with other threat drafts
  Thanks!

