Detecting Selective Dropping Attacks in BGP

Author

Chuah, M. ; Huang, K.

Author_Institution

Dept. of Comput. Sci. & Eng., Lehigh Univ., Bethlehem, PA

fYear

2006

Firstpage

959

Lastpage

966

Abstract

Previous studies have shown that current inter-domain routing protocol, border gateway protocol (BGP), is vulnerable to various attacks. Initially, the major concern about BGP security is that malicious BGP routers can arbitrarily falsify BGP routing messages and spread incorrect routing information. Recently, some authors have pointed out the impact of a type of attack, namely selective dropping attack that has not studied before. The authors have shown that such an attack can result in data traffic being blackholed or trapped in a loop. However, the authors did not elaborate on how one can detect selective dropping attacks. In this paper, we present a scheme we designed to detect selective dropping attacks in BGP. We conducted extensive experiments in DETER to evaluate the effectiveness of our scheme using three 30-node AS topologies generated from Brite. Our study shows that our scheme is quite promising

Keywords

Internet; routing protocols; telecommunication security; telecommunication traffic; BGP security; Internet routing security; border gateway protocol; data traffic; routing protocol; selective dropping attacks; Costs; Cryptography; Data security; Information security; Internet; Monitoring; Network topology; Protection; Routing protocols; Telecommunication traffic; BGP; Internet Routing Security; Selective Dropping Attacks;

fLanguage

English

Publisher

ieee

Conference_Titel

Local Computer Networks, Proceedings 2006 31st IEEE Conference on

Conference_Location

Tampa, FL

ISSN

0742-1303

Print_ISBN

1-4244-0418-5

Electronic_ISBN

0742-1303

Type

conf

DOI

10.1109/LCN.2006.322209

Filename

4116686