ARTEMIS: Real-Time Detection and Automatic Mitigation for BGP Prefix Hijacking
Prefix hijacking is a common phenomenon in the Internet that often causes
routing problems and economic losses. In this demo, we propose ARTEMIS, a tool
that enables network administrators to detect and mitigate prefix hijacking
incidents, against their own prefixes. ARTEMIS is based on the real-time
monitoring of BGP data in the Internet, and software-defined networking (SDN)
principles, and can completely mitigate a prefix hijacking within a few minutes
(e.g., 5-6 minutes in our experiments) after it has been launched.
The Abandoned Side of the Internet: Hijacking Internet Resources When Domain Names Expire
The vulnerability of the Internet has been demonstrated by prominent IP
prefix hijacking events. Major outages such as the China Telecom incident in
2010 stimulate speculations about malicious intentions behind such anomalies.
Surprisingly, almost all discussions in the current literature assume that
hijacking incidents are enabled by the lack of security mechanisms in the
inter-domain routing protocol BGP. In this paper, we discuss an attacker model
that accounts for the hijacking of network ownership information stored in
Regional Internet Registry (RIR) databases. We show that such threats emerge
from abandoned Internet resources (e.g., IP address blocks, AS numbers). When
DNS names expire, attackers gain the opportunity to take resource ownership by
re-registering domain names that are referenced by corresponding RIR database
objects. We argue that this kind of attack is more attractive than conventional
hijacking, since the attacker can act in full anonymity on behalf of a victim.
Although corresponding incidents have been observed in the past, current
detection techniques are not equipped to deal with these attacks. We show that
they are feasible with very little effort, and analyze the risk potential of
abandoned Internet resources for the European service region: our findings
reveal that currently 73 /24 IP prefixes and 7 ASes are vulnerable to stealthy
abuse. We discuss countermeasures and outline research directions
towards preventive solutions.
Comment: Final version for TMA 201
ROVER: a DNS-based method to detect and prevent IP hijacks
2013 Fall. Includes bibliographical references.
The Border Gateway Protocol (BGP) is critical to the global internet infrastructure. Unfortunately, BGP routing was designed with limited regard for security. As a result, IP route hijacking has been observed for more than 16 years. Well known incidents include a 2008 hijack of YouTube, loss of connectivity for Australia in February 2012, and an event that partially crippled Google in November 2012. Concern has been escalating as critical national infrastructure is reliant on a secure foundation for the Internet. Disruptions to military, banking, utilities, industry, and commerce can be catastrophic. In this dissertation we propose ROVER (Route Origin VERification System), a novel and practical solution for detecting and preventing origin and sub-prefix hijacks. ROVER exploits the reverse DNS for storing route origin data and provides a fail-safe, best effort approach to authentication. This approach can be used with a variety of operational models including fully dynamic in-line BGP filtering, periodically updated authenticated route filters, and real-time notifications for network operators. Our thesis is that ROVER systems can be deployed by a small number of institutions in an incremental fashion and still effectively thwart origin and sub-prefix IP hijacking despite non-participation by the majority of Autonomous System owners. We then present research results supporting this statement. We evaluate the effectiveness of ROVER using simulations on an Internet scale topology as well as with tests on real operational systems. Analyses include a study of IP hijack propagation patterns, effectiveness of various deployment models, critical mass requirements, and an examination of ROVER resilience and scalability.
RAPTOR: Routing Attacks on Privacy in Tor
The Tor network is a widely used system for anonymous communication. However,
Tor is known to be vulnerable to attackers who can observe traffic at both ends
of the communication path. In this paper, we show that prior attacks are just
the tip of the iceberg. We present a suite of new attacks, called Raptor, that
can be launched by Autonomous Systems (ASes) to compromise user anonymity.
First, AS-level adversaries can exploit the asymmetric nature of Internet
routing to increase the chance of observing at least one direction of user
traffic at both ends of the communication. Second, AS-level adversaries can
exploit natural churn in Internet routing to lie on the BGP paths for more
users over time. Third, strategic adversaries can manipulate Internet routing
via BGP hijacks (to discover the users using specific Tor guard nodes) and
interceptions (to perform traffic analysis). We demonstrate the feasibility of
Raptor attacks by analyzing historical BGP data and Traceroute data as well as
performing real-world attacks on the live Tor network, while ensuring that we
do not harm real users. In addition, we outline the design of two monitoring
frameworks to counter these attacks: BGP monitoring to detect control-plane
attacks, and Traceroute monitoring to detect data-plane anomalies. Overall, our
work motivates the design of anonymity systems that are aware of the dynamics
of Internet routing.
CAIR: Using Formal Languages to Study Routing, Leaking, and Interception in BGP
The Internet routing protocol BGP expresses topological reachability and
policy-based decisions simultaneously in path vectors. A complete view on the
Internet backbone routing is given by the collection of all valid routes, which
is infeasible to obtain due to BGP's information hiding, the lack of
omnipresent collection points, and data complexity. Commonly, graph-based data
models are used to represent the Internet topology from a given set of BGP
routing tables but fall short of explaining policy contexts. As a consequence,
routing anomalies such as route leaks and interception attacks cannot be
explained with graphs.
In this paper, we use formal languages to represent the global routing system
in a rigorous model. Our CAIR framework translates BGP announcements into a
finite route language that allows for the incremental construction of minimal
route automata. CAIR preserves route diversity, is highly efficient, and
well-suited to monitor BGP path changes in real-time. We formally derive
implementable search patterns for route leaks and interception attacks. In
contrast to the state-of-the-art, we can detect these incidents. In practical
experiments, we analyze public BGP data over the last seven years.
Securing Internet Applications from Routing Attacks
Attacks on Internet routing are typically viewed through the lens of
availability and confidentiality, assuming an adversary that either discards
traffic or performs eavesdropping. Yet, a strategic adversary can use routing
attacks to compromise the security of critical Internet applications like Tor,
certificate authorities, and the bitcoin network. In this paper, we survey such
application-specific routing attacks and argue that both application-layer and
network-layer defenses are essential and urgently needed. While
application-layer defenses are easier to deploy in the short term, we hope that
our work serves to provide much needed momentum for the deployment of
network-layer defenses.
Large-Scale Attacks on Decentralized Systems Built on Peer-to-Peer Networks
This paper presents scenarios of large-scale attacks on decentralized systems, using the cryptocurrency Bitcoin as the example. The attacks are based on vulnerabilities of the BGP protocol and on the excessive centralization of the first architectural tier of these systems.