Owning the Routing Table –

نویسندگان

  • Alex Kirshon
  • Gabi Nakibly
چکیده

Open Shortest Path First (OSPF) is the most popular interior gateway routing protocol on the Internet. Most of the known OSPF attacks are based on falsifying the link state advertisement (LSA) of an attacker-controlled router. These attacks may create serious damage if the attacker-controlled router is strategically located. However, these attacks can only falsify a small portion of the routing domain's topology; hence their effect is usually limited. More powerful attacks are the ones that affect LSAs of other routers not controlled by the attacker. However, these attacks usually trigger the ``fight-back" mechanism by the victim router which advertises a correcting LSA, making the attacks' effect non-persistent. In this work we present new attacks that exploit design vulnerabilities in the protocol specification. These new attacks can affect the LSAs of routers not controlled by the attacker while evading ``fight-back". These attacks afford an attacker a greater power to persistently falsify large portions of the routing domain's topology. This allows an attacker to effectively own the routing tables of the routers in the AS without actually owning the routers themselves. This may be utilized to induce routing loops, network cuts or longer routes in order to facilitate DoS of the routing domain or to gain access to information flows which otherwise the attacker had no access to. The main implication of this work is the new recognition that by controlling a single router the attacker can control the entire routing domain.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Distributed Node Location in Clustered Multi-hop Wireless Networks

Wireless routing protocols are all flat routing protocols and are thus not suitable for large scale or very dense networks because of bandwidth and processing overheads they generate. A common solution to this scalability problem is to gather terminals into clusters and then to apply a hierarchical routing, which means, in most of the literature, using a proactive routing protocol inside the cl...

متن کامل

Analytical correlation of routing table length index and routing path length index in hierarchical routing model

In Kleinrock and Kamoun’s paper, the inverse relation of routing table length index and routing path length index in hierarchical routing model is illustrated. In this paper we give the analytical correlation of routing table length index and routing path length index in hierarchical routing model.

متن کامل

A High Performance Parallel IP Lookup Technique Using Distributed Memory Organization and ISCB-Tree Data Structure

The IP Lookup Process is a key bottleneck in routing due to the increase in routing table size, increasing traıc and migration to IPv6 addresses. The IP address lookup involves computation of the Longest Prefix Matching (LPM), which existing solutions such as BSD Radix Tries, scale poorly when traıc in the router increases or when employed for IPv6 address lookups. In this paper, we describe a ...

متن کامل

A High Performance Parallel IP Lookup Technique Using Distributed Memory Organization and ISCB-Tree Data Structure

The IP Lookup Process is a key bottleneck in routing due to the increase in routing table size, increasing traıc and migration to IPv6 addresses. The IP address lookup involves computation of the Longest Prefix Matching (LPM), which existing solutions such as BSD Radix Tries, scale poorly when traıc in the router increases or when employed for IPv6 address lookups. In this paper, we describe a ...

متن کامل

On characterizing BGP routing table growth

The sizes of the BGP routing tables have increased by an order of magnitude over the last six years. This dramatic growth of the routing table can decrease the packet forwarding speed and demand more router memory space. In this paper, we explore the extent that various factors contribute to the routing table size and characterize the growth of each contribution. We begin with measurement study...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2011