TY - GEN
T1 - Small lies, lots of damage
T2 - 3rd IEEE International Conference on Communications and Network Security, CNS 2015
AU - Cohen, Reuven
AU - Hess-Green, Raziel
AU - Nakibly, Gabi
N1 - Publisher Copyright: © 2015 IEEE.
PY - 2015/12/3
Y1 - 2015/12/3
N2 - The Internet consists of a large number of interconnected heterogeneous ASs (Autonomous Systems), each owned and administered by an autonomous organization. Traffic in each AS is forwarded by routers that maintain a coherent picture of the network topology using an intra-AS routing protocol. The most popular intra-AS routing protocols are link-state protocols, such as OSPF and IS-IS. An attacker who compromises a single AS router can send false routing advertisements. In the most simple and practical variant of the attack, the attacker falsifies only its own routing advertisements and not those of other routers. However, such an attack is widely considered to have limited effectiveness, because only a small part of the topology is falsified. In this paper we disprove this conception, by presenting and analyzing a new attack, referred to as a partition attack, which can cause extensive damage throughout the AS by causing routers to have an incoherent view of the AS topology. We investigate the computational complexity of the attack and show its effectiveness using extensive simulations. An important property of this attack is that it cannot be prevented even if LSAs are digitally signed.
UR - http://www.scopus.com/inward/record.url?scp=84966283658&partnerID=8YFLogxK
U2 - 10.1109/CNS.2015.7346851
DO - 10.1109/CNS.2015.7346851
M3 - Conference contribution
T3 - 2015 IEEE Conference on Communications and Network Security, CNS 2015
SP - 397
EP - 405
BT - 2015 IEEE Conference on Communications and Network Security, CNS 2015
Y2 - 28 September 2015 through 30 September 2015
ER -