an internet scale feasibility study of bgp poisoning
play

An Internet-Scale Feasibility Study of BGP Poisoning Jared M . - PowerPoint PPT Presentation

Sep 17, 2023 •143 likes •530 views

An Internet-Scale Feasibility Study of BGP Poisoning Jared M . Smith, Kyle Birkeland, Tyler McDaniel, Max Schuchard AIMS 2019, 4/16/18 jms@vols.utk.edu Full Paper: https://tiny.utk.edu/bgp BGP Poisoning Conflicting research, not actively

  1. An Internet-Scale Feasibility Study of BGP Poisoning Jared M . Smith, Kyle Birkeland, Tyler McDaniel, Max Schuchard AIMS 2019, 4/16/18 jms@vols.utk.edu Full Paper: https://tiny.utk.edu/bgp

  2. BGP Poisoning • Conflicting research, not actively measured: • Smith et al. Nyx (S&P ‘18) vs. Feasible Nyx Tran et al. (S&P ‘19) • Schuchard et al. RAD (CCS ‘12) vs. Nasr et al. Waterfall of Decoys (CCS’ 17) • Existing research, limited measurements: • Anwar et al. Interdomain Policies (IMC ‘15) • Katz-Basset et al. LIFEGUARD (SIGCOMM ’12) • Existing research, dated measurements: • Bush et al. Internet Optometry (IMC ‘09) • Specifications versus reality • BGP RFC best practices doc recommends filtering over 50 AS-path length • Community forums and BGP observations show paths over 50 Full Paper: https://tiny.utk.edu/bgp

  3. We aim to resolve these issues, highlight discrepancies, evaluate accuracy of BGP simulation/emulation, and inspire future BGP poisoning work, with active measurements and analysis.

  4. Our Approach De tour Pa th D iscovery S ystem • Executes BGP Poisoning for arbitrary steered AS • Can be executed from any BGP router for specified prefix • Entirely done with software • Coordinated through globally distributed infrastructure Full Paper: https://tiny.utk.edu/bgp

  5. Infrastructure Infrastructure Source 5 BGP routers PEERING and UT 8 IP prefixes PEERING and UT 5,000+ distinct vantage points RIPE ATLAS 3 countries US, Amsterdam, Brazil 32 BGP collectors CAIDA BGPStream* *Collects BGP Updates from RouteViews and RIPE RIS Full Paper: https://tiny.utk.edu/bgp

  6. In total, we measure 1,460 instances of BGP poisoning across 3% of ASes on the Internet . (Largest BGP Poisoning sample size in any existing literature)

  7. Active Measurements • Ability to re-route across entire original AS-path • Real-world comparison with prior simulations • Predicting who can re-route w/ BGP poisoning • Filtering of poisoned routes • Routing Working Groups behavior • Default route prevalence • Reachability of /25’s Full Paper: https://tiny.utk.edu/bgp

  8. BACKGROUND

  9. BGP Poisoning 2 3 Victim AS 1 4 Critical AS

  10. BGP Poisoning 2 3 Victim AS 1 4 Critical AS

  11. BGP Poisoning 2 Prefer 2 over 4 3 Victim AS 1 4 Critical AS

  12. BGP Poisoning Want to Avoid 2 Prefer 2 over 4 3 Victim AS 1 4 Critical AS

  13. BGP Poisoning AS Path: 1, 2, 1 2 Prefer 2 over 4 3 Victim AS 1 4 Critical AS

  14. BGP Poisoning AS Path: 1, 2, 1 2 Prefer 2 over 4 3 Victim AS 1 4 Critical AS AS Path: 4, 1, 2, 1

  15. BGP Poisoning LOOP! *dropping* AS Path: 1, 2, 1 2 Prefer 2 over 4 3 Victim AS 1 4 Critical AS AS Path: 4, 1, 2, 1

  16. BGP Poisoning LOOP! *dropping* AS Path: 1, 2, 1 2 3 Victim AS 1 4 Critical AS AS Path: 4, 1, 2, 1

  17. BGP Poisoning LOOP! *dropping* AS Path: 1, 2, 1 2 Now prefers 4 over 2 3 Victim AS 1 4 Critical AS AS Path: 4, 1, 2, 1

  18. BGP Poisoning LOOP! *dropping* AS Path: 1, 2, 1 2 Now prefers 4 over 2 3 Victim AS 1 Works with normal BGP 4 and no assistance Critical AS needed from providers! AS Path: 4, 1, 2, 1

  19. IS IT FEASIBLE?

  20. How well can we re-route?

  21. How performant are FRRP paths?

  22. Emulation of BGP Poisoning vs. Practice 20+%

  23. Graph-Theoretic Analysis of Return Paths • Low min. cut means • Tier 1 ASes with inf. weight à • Avg. Betweenness of 0.667 bottlenecks that Nyx/RAD bottlenecks not result of single • Paths are not completely identical cannot avoid unavoidable provider • There is some diversity, but • For 90% of links, a bottleneck • Within unweighted min cut à bottlenecks exist of at most 2 links occurs widely differing barriers to cut based on bandwidth

  24. WHO CAN RE-ROUTE?

  25. How well can we predict success with FRRP?

  26. What link and AS properties are important for FRRP?

  27. A Deeper Look at the Most Important Feature Poisoning AS Next-Hop AS Rank High Rank Matters

  28. HOW MUCH CAN WE POISON?

  29. How long can poisoned paths be? ~75%

  30. WHO FILTERS POISONS?

  31. Filtering by Large ISPs Large window

  32. Filtering by Small ISPs + Stubs Small window

  33. Do the Policy Leaders “ Walk the Walk ”? “Mutually Agreed Norms for Routing Security” Selected Participants (total=146): CenturyLink • • Charter Cogent • • Google • Indiana U. … •

  34. Does AS-Degree of the Poisoned AS affect Filtering? Origin AS HighDegree AS Origin AS …(in increments of 5)… Origin AS SmallDegree AS Origin AS

  35. DEFAULT ROUTES AND REACHIBILITY (NOW VS. 2009)

  36. Default Route Metrics Comparison 2009*: 77% of Stubs had default routes (out of 24,224 with ping ) 2018: 36.7% of Stubs had default routes (out of 845 with traceroute ) *Bush et al. Internet Optometry, IMC 2009 Full Paper: https://tiny.utk.edu/bgp

  37. Reachibility of /25 vs. /24 Comparison 2009*: 1% of BGP Monitors Saw (11/615), 5% Data-Plane Reachability 2018: 50% of BGP Monitors Saw (21/37), 31% Data-Plane Reachability *Bush et al. Internet Optometry, IMC 2009 Full Paper: https://tiny.utk.edu/bgp

  38. Where do we go from here? • BGP poisoning can provide helpful functionality • Allows exertion of unconventional behavior with a conventional protocol • Open Questions for AIMS: • Deployment/Usage: Where? For what? Integration : CAIDA systems? NANOG/RIPE/etc.? MANRS? • Collaboration : Always interested in extending to new use cases/measurements. • Jared M. Smith Twitter jaredthecoder Email jms@vols.utk.edu Web volsec.org Full Paper: https://tiny.utk.edu/bgp

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

VI. The Feasibility Study VI. The Feasibility Study What is a feasibility study? What is a

VI. The Feasibility Study VI. The Feasibility Study What is a feasibility study? What is a

Basi di Dati e Sistemi Informativi II VI. The Feasibility Study VI. The Feasibility Study What is a feasibility study? What is a feasibility study? What to study and conclude? What to study and conclude? Benefits and costs Benefits and costs

838 views • 34 slides
FEASIBILITY STUDY ON DEPLOYMENT OF FEASIBILITY STUDY ON DEPLOYMENT OF THE FIRST UNIT OF RUTA-

FEASIBILITY STUDY ON DEPLOYMENT OF FEASIBILITY STUDY ON DEPLOYMENT OF THE FIRST UNIT OF RUTA-

International Conference on Non-Electric Applications of Nuclear Power: Seawater Desalination, Hydrogen Production and other Industrial Applications 16 19 April 2007, Oarai, Japan FEASIBILITY STUDY ON DEPLOYMENT OF FEASIBILITY STUDY ON

431 views • 21 slides
Feasibility of an Internet Clinic for Trea3ng and Preven3ng

Feasibility of an Internet Clinic for Trea3ng and Preven3ng

Feasibility of an Internet Clinic for Trea3ng and Preven3ng Pressure Ulcers Dr. Dalton Wolfe PhD Study Objec3ves & Design Primary Objec3ve Implement

332 views • 6 slides
FULLER FARLEY Pre-Feasibility Study Pursuant to the Fuller-Farley pre-feasibility study

FULLER FARLEY Pre-Feasibility Study Pursuant to the Fuller-Farley pre-feasibility study

FULLER FARLEY Pre-Feasibility Study Pursuant to the Fuller-Farley pre-feasibility study initial findings, prepared by architectural firm bh+a, and in conjunction with preliminary enrollment projections provided by the New England School

476 views • 28 slides
HEIDELBERG SPORTS VILLAGE FEASIBILITY STUDY GOALS OF THE FEASIBILITY STUDY: 1. DEVELOP A STATE

HEIDELBERG SPORTS VILLAGE FEASIBILITY STUDY GOALS OF THE FEASIBILITY STUDY: 1. DEVELOP A STATE

HEIDELBERG SPORTS VILLAGE FEASIBILITY STUDY GOALS OF THE FEASIBILITY STUDY: 1. DEVELOP A STATE OF THE ART SOCCER SPECIFIC STADIUM WITH THE TACOMA DEFIANCE AS THE ANCHOR TENANT. 2. ASSESS THE POTENTIAL FOR MIXED USE DEVELOPMENT ON THE SITE FOR

639 views • 44 slides
New Paltz, NY INTERMODAL FEASIBILITY STUDY New Paltz, NY INTERMODAL FEASIBILITY STUDY Public

New Paltz, NY INTERMODAL FEASIBILITY STUDY New Paltz, NY INTERMODAL FEASIBILITY STUDY Public

New Paltz, NY INTERMODAL FEASIBILITY STUDY New Paltz, NY INTERMODAL FEASIBILITY STUDY Public Presentation May 7, 2015 New Paltz Community Center New Paltz, NY INTERMODAL FEASIBILITY STUDY Thank you for coming this evening! Tonights

949 views • 57 slides
DC Public Bank Feasibility Study Feasibility Study Overview The District is evaluating the

DC Public Bank Feasibility Study Feasibility Study Overview The District is evaluating the

Protecting Your Financial Interests DC Public Bank Feasibility Study Feasibility Study Overview The District is evaluating the feasibility of establishing a public bank. If feasible, a public bank could enhance the Districts fiscal

131 views • 12 slides
Poisoning Networks Motjvatjon You are sittjng in an Internet Cafe at the airport heading back

Poisoning Networks Motjvatjon You are sittjng in an Internet Cafe at the airport heading back

create your own exercise Pranav Jagdish & Cristoph Hielscher Poisoning Networks Motjvatjon You are sittjng in an Internet Cafe at the airport heading back from that awesome vacatjon You are wishing your loved ones Happy New Year

581 views • 15 slides
I-345 Feasibility Study Public Meeting December 11, 2012 I-345 Bridge Feasibility Study

I-345 Feasibility Study Public Meeting December 11, 2012 I-345 Bridge Feasibility Study

I-345 Feasibility Study Public Meeting December 11, 2012 I-345 Bridge Feasibility Study December 11, 2012 1 Feasibility Study Team TxDOT Dallas

285 views • 24 slides
Route 28 Corridor Feasibility Study . Public Information Meeting Project Team and Study

Route 28 Corridor Feasibility Study . Public Information Meeting Project Team and Study

September 7, 2017 Route 28 Corridor Feasibility Study . Public Information Meeting Project Team and Study Committees Route 28 Corridor Feasibility Study Agency Involvement The study is fully funded by the Northern Virginia Transportation

930 views • 48 slides
Shared Services/Merger Feasibility Study Feasibility Study Town and Village of North Collins,

Shared Services/Merger Feasibility Study Feasibility Study Town and Village of North Collins,

Shared Services/Merger Feasibility Study Feasibility Study Town and Village of North Collins, NY Prepared by the Center for Governmental Research, Inc. This presentation

439 views • 26 slides
Agenda Leftfield Introduction MSBA feasibility study deliverables Review conceptual feasibility

Agenda Leftfield Introduction MSBA feasibility study deliverables Review conceptual feasibility

Elbridge Gerry Feasibility Study May 11, 2017 Gerry School Building Committee Meeting Agenda Leftfield Introduction MSBA feasibility study deliverables Review conceptual feasibility schedule MSBA designer selection process Review designer

544 views • 25 slides
DNS cache poisoning CZ.NIC Ondrej Filip / ondrej.filip@nic.cz Study by Emanuel Petr CZ.NIC

DNS cache poisoning CZ.NIC Ondrej Filip / ondrej.filip@nic.cz Study by Emanuel Petr CZ.NIC

DNS cache poisoning CZ.NIC Ondrej Filip / ondrej.filip@nic.cz Study by Emanuel Petr CZ.NIC labs 8 Mar 2010 ccNSO techday, Nairobi 1 Agenda DNS, DNS resolver Cache Poisoning theory Kaminsky attack Attack theory Attack

503 views • 28 slides
CARBON MONOXIDE POISONING The Silent Killer PATHOPHYSIOLOGY OF CARBON MONOXIDE 1. CO poisoning

CARBON MONOXIDE POISONING The Silent Killer PATHOPHYSIOLOGY OF CARBON MONOXIDE 1. CO poisoning

CARBON MONOXIDE POISONING The Silent Killer PATHOPHYSIOLOGY OF CARBON MONOXIDE 1. CO poisoning is the most common exposure poisoning in the United States and the rest of the world. 2. It is an odorless, colorless gas that can cause sudden

198 views • 15 slides
ON#THE#FEASIBILITY#OF#LARGE0 SCALE#INFECTIONS#OF#IOS#DEVICES#

ON#THE#FEASIBILITY#OF#LARGE0 SCALE#INFECTIONS#OF#IOS#DEVICES#

ON#THE#FEASIBILITY#OF#LARGE0 SCALE#INFECTIONS#OF#IOS#DEVICES# Tielei#Wang,#Yeongjin#Jang,#Yizheng#Chen,#Simon#Chung,#Billy#Lau,#and#Wenke#Lee,# Georgia#Institute#of#Technology# Presented#by#Sai#Tej#Kancharla# CONTENTS# ! Introduction# !

563 views • 31 slides
Poison and Poisoning Azwin bin Md Tumin National Poison Centre Outline a. Definition b.

Poison and Poisoning Azwin bin Md Tumin National Poison Centre Outline a. Definition b.

Poison and Poisoning Azwin bin Md Tumin National Poison Centre Outline a. Definition b. Forefathers of toxicology c. Famous poisoning cases d. Misconception about poisoning e. Basic principles of poisoning f. Factors influencing toxic

843 views • 16 slides
Working in the NHS www.stepintothenhs.nhs.uk/primary-schools What will you learn? You will be

Working in the NHS www.stepintothenhs.nhs.uk/primary-schools What will you learn? You will be

Working in the NHS www.stepintothenhs.nhs.uk/primary-schools What will you learn? You will be able to identify different jobs in the community You will be able to describe a range of jobs in the NHS You will be able to describe some

654 views • 41 slides
Quality Payment Program Year 4: Final Rule Highlights The information contained in this

Quality Payment Program Year 4: Final Rule Highlights The information contained in this

Quality Payment Program Year 4: Final Rule Highlights The information contained in this presentation is for general information purposes only. The information is provided by UK HealthCares Kentucky Regional Extension Center and while we

616 views • 33 slides
EMS for Children: Improving the lives of all Children Elizabeth A. Edgerton, MD, MPH, FAAP

EMS for Children: Improving the lives of all Children Elizabeth A. Edgerton, MD, MPH, FAAP

EMS for Children: Improving the lives of all Children Elizabeth A. Edgerton, MD, MPH, FAAP Director, Division of Child, Adolescent and Family Health Maternal Child Health Bureau Health Resources and Services Administration Department of

452 views • 29 slides
COVID-19 Update Executive Vice President, UC Health July 31, 2020 UC Health by the Numbers 19

COVID-19 Update Executive Vice President, UC Health July 31, 2020 UC Health by the Numbers 19

UC Health COVID-19 Response and Recovery Carrie L. Byington, MD COVID-19 Update Executive Vice President, UC Health July 31, 2020 UC Health by the Numbers 19 health professional schools (6 med schools, 2 dentistry, 4 nursing, 1 optometry, 2

439 views • 40 slides
Africa Regional Work plan IAPB Sub Saharan Africa Co-Chairs Fatima Kyari Senanu Quacoe-Wossinu

Africa Regional Work plan IAPB Sub Saharan Africa Co-Chairs Fatima Kyari Senanu Quacoe-Wossinu

Africa Regional Work plan IAPB Sub Saharan Africa Co-Chairs Fatima Kyari Senanu Quacoe-Wossinu Co-Chair Anglophone West Africa Co-Chair Francophone West Africa fatimaygk@gmail.com squaceoe@hotmail.com IAPB Sub Saharan Africa Co-Chairs

947 views • 22 slides
42 MDG Welcome SSgt Courtney Davis 4NF Flight Medicine Aethera Nobis The Skies for Us

42 MDG Welcome SSgt Courtney Davis 4NF Flight Medicine Aethera Nobis The Skies for Us

42d Air Base Wing, Maxwell AFB 42 MDG Welcome SSgt Courtney Davis 4NF Flight Medicine Aethera Nobis The Skies for Us Maxwell Medical Services Primary Care: Specialty Clinics: Trainee Health Chiropractic (self referral)

314 views • 7 slides
Outline / Objectives Pregnancy in the U.S. Epidemiology of GDM Management of GDM

Outline / Objectives Pregnancy in the U.S. Epidemiology of GDM Management of GDM

6/9/2018 Disclosures Gestational Diabetes: Pill or Shot? An Evidence-Based Update No financial disclosures related to this topic Medical Advisor to Mindchild, Celmatix Bobs Red Mill Aaron B. Caughey, MD, PhD Professor and Chair ACOG

410 views • 16 slides
My Blood Value Responses to Diet and other Activities Ben Best Pharmacy (BSc Pharm)

My Blood Value Responses to Diet and other Activities Ben Best Pharmacy (BSc Pharm)

My Blood Value Responses to Diet and other Activities Ben Best Pharmacy (BSc Pharm) Physics/Computing Science (BSc) 1 FreeStyle Lite to measure blood glucose n Values in mg/dL n [milligrams per tenth of a liter (decaLiter)] 2 CardioChek

799 views • 48 slides

More recommend