1
SECURING BGP – A LITERATURE SURVEY Presented by:
Tony Reveldez
GEOFF HUSTON
B.Sc., M.Sc.Australian National
University
MATTIA ROSSI
B.Eng.,M.Sc.Leopold-
Franzens-Universitaet
GEOFF ARMITAGE B.Sc., PhD.Swinburne
University of Technology
2
Border Gateway Protocol
What is it? iBGP vs eBGP TCP/IP Distant Vector Routing
Path Vector Routing
Route Selection Process Messages
AS Path
3
BGP Threat Model
Securing the BGP Session Injection, eavesdropping, delay messages, replay
Verifying BGP Identity Are you really who you claim to be?
Verifying BGP Information Is your information complete?
Verifying Forwarding Paths Is my information accurate?
4
Consequences of Attacks on the Routing System
Denial of Service
the potential to masquerade Address Stealing
The ability to eavesdrop
www.fireblog.com
5
Securing BGP
The Security Toolset Security Requirements
Securing the data payload and semanticsPiecemeal incremental deployment
Approaches to Securing BGPsBGP, soBGP, psBGP, pgBGP, IRV
6
Approaches to Securing BGP
Securing the operation of BGPTCP sessionGTSMTCP MD5IPSEC
Security in the Data Level
7
Securing the Integrity of BGP Data
sBGP soBGP
psBGP
IRV pgBGP
8
State of BGP Security
As the table shows, of all proposals, only a few have been implemented and mostly not deployed
Top Related