Losing Control of the Internet: Using the Data Plane to Attack the Control Plane
The Internet
• Data Plane
• Control Plane
Autonomous Systems
• Core ASes
• Fringe ASes
• Transit ASes
Border Gateway Protocol
• Connects Different ASes
• Defines Route Selection
• Updates
Performance of BGP
• Loss of Nodes
• Re-advertisements
• Route flapping
• Mitigating Route Flapping
Coordinated Cross Plane Session Termination Attack
• Targeted Route Flapping
• Targets BGP sessions
• Attacks Transit ASes
• Process
• Effects
Attacker Model
• Unprivileged Adversary
• Does not control BGP speakers
• Generate Control Plane Events
• Botnet
Selecting Targets
• Centrality measures
• Traceroutes by Bots
• Getting around ECMP routing
CXPST and Dynamic Networks
• CXPST changes network topology
• Issues?
• Compensation
Beating Defenses
• BGP Graceful Restart
• Minimal Route Advertisement Intervals
• Route Flapping Damper
Simulation
• Topology of the Network
• The Botnet
• BGP Update Generation
• Time to Process Updates
Simulation Results
Possible Defenses
• BGP Graceful Restart
• Route Flap Dampening
Stopping Session Failure
• Disabling Holds
• Service Class
• Deployment Issues
Attack Prevention
• Interdomain Routing
• Traffic Filtering
• Packet Marking
• Schedulers
• DoS Flooding Defenses
• Surge Protection
• Pushback
• Phalanx
All Fail!
Discussions
• Route Flapping Control
• Denial of Service Defenses
• Network Complexities
• Long Term Defenses
Conclusions
• Control plane is vulnerable
• No currently deployable solution
• Short and long term solutions