Internet resiliency to attacks and failures under BGP policy routing
نویسندگان
چکیده
We investigate the resiliency of the Internet at the Autonomous System (AS) level to failures and attacks, under the real constraint of business agreements between the ASs. The agreements impose policies that govern routing in the AS level, and thus the resulting topology graph is directed, and does not maintain transitivity. We show, using partial views obtained from the Internet, that the Internet’s resiliency to a deliberate attack is much smaller than previously found, and its reachability is also somewhat lower under random failures. We use different metrics to measure resiliency, and also investigate the effect of added backup connectivity on the resiliency.
منابع مشابه
CAIR: Using Formal Languages to Study Routing, Leaking, and Interception in BGP
The Internet routing protocol BGP expresses topological reachability and policy-based decisions simultaneously in path vectors. A complete view on the Internet backbone routing is given by the collection of all valid routes, which is infeasible to obtain due to information hiding of BGP, the lack of omnipresent collection points, and data complexity. Commonly, graph-based data models are used t...
متن کاملOn Evaluating BGP Routing Stress Attack
The routing system is playing a critical role in the Internet. Numerous routing security events reveal that the Internet is not so dependable yet. Some hackers even boasted that they could bring down the whole Internet in a short time. This paper investigates a new attack on BGP routing system inspired from synchronization and resonance in complex system. The attack applies routing stress by pe...
متن کاملWorking around BGP: An Incremental Approach to Improving Security and Accuracy in Interdomain Routing
BGP is essential to the operation of the Internet, but is vulnerable to both accidental failures and malicious attacks. We propose a new protocol that works in concert with BGP, which Autonomous Systems will use to help detect and mitigate accidentally or maliciously introduced faulty routing information. The protocol differs from previous efforts at securing BGP in that it is receiver-driven, ...
متن کاملAnalyzing Internet Routing Security Using Model Checking
The goal of this work is to enhance Internet security by applying formal analysis of traffic attraction attacks on the BGP routing protocol. BGP is the sole protocol used throughout the Internet for interdomain routing, hence its importance. In attraction attacks an attacker sends false routing advertisements to gain attraction of extra traffic in order to increase its revenue from customers, d...
متن کاملUnderstanding BGP Anomalies: Detection, Analysis, and Prevention
The Border Gateway Protocol is the de-facto interdomain routing protocol in the Internet. Previous studies and various incidents have shown the vulnerability of the BGP infrastructure to a number of failures. In this paper we address a subset of the problem of BGP vulnerabilities we refer to as BGP anomalies, which can arise both as a result of mistakes by network operators and as a result of m...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Computer Networks
دوره 50 شماره
صفحات -
تاریخ انتشار 2006