Study of BGP Peering Session Attacks and Their Impacts on Routing Performance

We present a detailed study of the potential impact of border gateway protocol peering session attacks and the resulting exploitation of route flap damping (RFD) that cause network-wide routing disruptions. We consider canonical grid as well as down-sampled realistic autonomous system (AS) topologies and address the impact of various typical service provider routing policies. Our modeling focuses on three dimensions of routing performance sensitivity: 1) protocol aware attacks (e.g., tuned to RFD); 2) route selection policy; and 3) attack-region topology. Analytical results provide insights into the nature of the problem and potential impact of the attacks. Detailed packet-level simulation results complement the analytical models and provide many additional insights into specific protocol interactions and timing issues. Finally, we quantify the potential effect of the BGP graceful restart mechanism as a partial mitigation of the BGP vulnerability to peering session attacks

[1]  Greg Goth Fixing BGP Might Be Difficult--Or Not So Tough , 2003, IEEE Internet Comput..

[2]  David M. Nicol,et al.  An analysis of convergence properties of the border gateway protocol using discrete event simulation , 2003 .

[3]  Deborah Estrin,et al.  Persistent route oscillations in inter-domain routing , 2000, Comput. Networks.

[4]  Joseph Kee-yin Ng,et al.  Extensions to BGP to Support Secure Origin BGP , 2004 .

[5]  Douglas C. Montgomery,et al.  Characterizing the Risks and Costs of BGP Insecurity/Security | NIST , 2005 .

[6]  Enke Chen,et al.  Graceful Restart Mechanism for BGP , 2007, RFC.

[7]  Andy Heffernan,et al.  Protection of BGP Sessions via the TCP MD5 Signature Option , 1998, RFC.

[8]  Daniel Massey,et al.  Observation and analysis of BGP behavior under stress , 2002, IMW '02.

[9]  Vishal Misra,et al.  Network Resilience: Exploring Cascading Failures within BGP∗ , 2006 .

[10]  Ramesh Govindan,et al.  Route flap damping exacerbates internet routing convergence , 2002, SIGCOMM 2002.

[11]  Sean Convery,et al.  An Attack Tree for the Border Gateway Protocol , 2003 .

[12]  Steven M. Bellovin,et al.  Using Link Cuts to Attack Internet Routing , 2003 .

[13]  Constantinos Dovrolis,et al.  Beware of BGP attacks , 2004, CCRV.

[14]  Ramesh Govindan,et al.  BGP Route Flap Damping , 1998, RFC.

[15]  Jennifer Rexford,et al.  A Survey of BGP Security , 2005 .

[16]  Stephen T. Kent,et al.  Secure Border Gateway Protocol (S-BGP) , 2000, IEEE Journal on Selected Areas in Communications.

[17]  Wei Shen,et al.  BGP ROUTE FLAP DAMPING ALGORITHMS , 2006 .

[18]  David M. Nicol,et al.  A BGP attack against traffic engineering , 2004, Proceedings of the 2004 Winter Simulation Conference, 2004..

[19]  Daniel Massey,et al.  BGP-RCN: improving BGP convergence through root cause notification , 2005, Comput. Networks.

[20]  Yakov Rekhter,et al.  A Border Gateway Protocol 4 (BGP-4) , 1994, RFC.

[21]  Volker Roth,et al.  Listen and whisper: security mechanisms for BGP , 2004 .

[22]  Ke Zhang,et al.  An analysis on selective dropping attack in BGP , 2004, IEEE International Conference on Performance, Computing, and Communications, 2004.

[23]  David A. Maltz,et al.  Network-Wide Decision Making: Toward A Wafer-Thin Control Plane , 2004 .