+ All Categories
Home > Documents > Securing BGP – A LITERATURE SURVEY

Securing BGP – A LITERATURE SURVEY

Date post: 22-Feb-2016
Category:

Documents
Upload: decima
View: 34 times
Download: 0 times
Download Report this document
Share this document with a friend
Description:
Presented by: Tony Reveldez. Securing BGP – A LITERATURE SURVEY. GEOFF HUSTON B.Sc., M.Sc. Australian National University. MATTIA ROSSI B. Eng .,M.Sc. Leopold- Franzens - Universitaet. GEOFF ARMITAGE B.Sc., PhD. Swinburne University of Technology. Border Gateway Protocol. What is it? - PowerPoint PPT Presentation
Popular Tags:
bgp sessioninjection
bgp informationis
state of bgp security
bgp threat modelsecuring
securing bgpsecuring
data payload
data level
information complete
8
SECURING BGP – A LITERATURE SURVEY Presented by: Tony Reveldez GEOFF HUSTON B.Sc., M.Sc. Australia n National Universit y MATTIA ROSSI B.Eng.,M.S c. Leopold- Franzens- Universita et GEOFF ARMITAGE B.Sc., PhD. Swinburne Universit y of Technolog y 1
Transcript
Page 1: Securing BGP – A LITERATURE SURVEY

1

SECURING BGP – A LITERATURE SURVEY Presented by:

Tony Reveldez

GEOFF HUSTON

B.Sc., M.Sc.Australian National

University

MATTIA ROSSI

B.Eng.,M.Sc.Leopold-

Franzens-Universitaet

GEOFF ARMITAGE B.Sc., PhD.Swinburne

University of Technology

Page 2: Securing BGP – A LITERATURE SURVEY

2

Border Gateway Protocol

What is it? iBGP vs eBGP TCP/IP Distant Vector Routing

Path Vector Routing Route Selection Process Messages

AS Path

Page 3: Securing BGP – A LITERATURE SURVEY

3

BGP Threat Model Securing the BGP Session

Injection, eavesdropping, delay messages, replay Verifying BGP Identity

Are you really who you claim to be? Verifying BGP Information

Is your information complete? Verifying Forwarding Paths

Is my information accurate?

Page 4: Securing BGP – A LITERATURE SURVEY

4

Consequences of Attacks on the Routing System

Denial of Service

the potential to masquerade Address Stealing

The ability to eavesdrop

www.fireblog.com

Page 5: Securing BGP – A LITERATURE SURVEY

5

Securing BGP The Security Toolset Security Requirements

Securing the data payload and semanticsPiecemeal incremental deployment

Approaches to Securing BGPsBGP, soBGP, psBGP, pgBGP, IRV

Page 6: Securing BGP – A LITERATURE SURVEY

6

Approaches to Securing BGP

Securing the operation of BGPTCP sessionGTSMTCP MD5IPSEC

Security in the Data Level

Page 7: Securing BGP – A LITERATURE SURVEY

7

Securing the Integrity of BGP Data

sBGP soBGP

psBGP

IRV pgBGP

Page 8: Securing BGP – A LITERATURE SURVEY

8

State of BGP Security

As the table shows, of all proposals, only a few have been implemented and mostly not deployed


Recommended
Securing BGPd2zmdbbm9feqrf.cloudfront.net/2016/usa/pdf/BRKRST-3179.pdf•Introduction • Securing BGP Connections • MD5 Authentication, IPv6 Link-Local Peering • TTL Security,

Securing BGPd2zmdbbm9feqrf.cloudfront.net/2016/usa/pdf/BRKRST-3179.pdf•Introduction • Securing BGP Connections • MD5 Authentication, IPv6 Link-Local Peering • TTL Security,

Documents

Advanced Networking Topics: BGP, BGP Hijacking, MPLS, …

Advanced Networking Topics: BGP, BGP Hijacking, MPLS, …

Documents

BGP Techniques for Internet Service Providers - MENOG · BGP Techniques for Internet Service Providers BGP Basics Scaling BGP Using Communities Deploying BGP in an ISP network. ...

BGP Techniques for Internet Service Providers - MENOG · BGP Techniques for Internet Service Providers BGP Basics Scaling BGP Using Communities Deploying BGP in an ISP network. ...

Documents

Securing BGP -RPKI · 2018. 5. 21. · Securing BGP -RPKI 1 ThaiNOG2018 -Bangkok 21 May 2018 Tashi Phuntsho (tashi@apnic.net)

Securing BGP -RPKI · 2018. 5. 21. · Securing BGP -RPKI 1 ThaiNOG2018 -Bangkok 21 May 2018 Tashi Phuntsho ([email protected])

Documents

ION Belfast - Securing BGP - David Freedman

ION Belfast - Securing BGP - David Freedman

Technology

1 Border Gateway Protocol (BGP). 2 Contents Internet connectivity and BGP connectivity services, AS relationships BGP Basics BGP sessions, BGP.

1 Border Gateway Protocol (BGP). 2 Contents Internet connectivity and BGP connectivity services, AS relationships BGP Basics BGP sessions, BGP.

Documents

SPV: Secure Path Vector Routing for Securing BGP Leonel Ocsa Sáchez leonel.ocsa.sanchez@hotmail.com School of Computer Science.

SPV: Secure Path Vector Routing for Securing BGP Leonel Ocsa Sáchez [email protected] School of Computer Science.

Documents

BGP V1.1. When is BGP Applicable Basic BGP Peer Configuration Troubleshooting BGP Connections BGP Operation and Path Attributes Route Import/Export Selected.

BGP V1.1. When is BGP Applicable Basic BGP Peer Configuration Troubleshooting BGP Connections BGP Operation and Path Attributes Route Import/Export Selected.

Documents

Securing BGP - RPKI · Amazon (AS16509) Route53 hijack – April2018 ... DNS servers in the hijacked range only responded to queries for myetherwallet.com • Responded with addresses

Securing BGP - RPKI · Amazon (AS16509) Route53 hijack – April2018 ... DNS servers in the hijacked range only responded to queries for myetherwallet.com • Responded with addresses

Documents

SPV: Secure Path Vector Routing for Securing BGP Leonel Ocsa Sáchez

SPV: Secure Path Vector Routing for Securing BGP Leonel Ocsa Sáchez

Documents

Securing the Border Gateway Protocol Using S-BGP Dr. Stephen Kent Chief Scientist - Information Security kent@bbn.com APNIC Open Policy Meeting Routing.

Securing the Border Gateway Protocol Using S-BGP Dr. Stephen Kent Chief Scientist - Information Security [email protected] APNIC Open Policy Meeting Routing.

Documents

Securing Routing Protocol BGP · Secure Border Gateway Protocol (S-BGP) is the initial platform to secure BGP. Due to significant use of asymmetric cryptography and certificates,

Securing Routing Protocol BGP · Secure Border Gateway Protocol (S-BGP) is the initial platform to secure BGP. Due to significant use of asymmetric cryptography and certificates,

Documents

Implementing BGP - Cisco · Implementing BGP BorderGatewayProtocol(BGP)isanExteriorGatewayProtocol(EGP)thatallowsyoutocreateloop-free interdomainroutingbetweenautonomoussystems ...

Implementing BGP - Cisco · Implementing BGP BorderGatewayProtocol(BGP)isanExteriorGatewayProtocol(EGP)thatallowsyoutocreateloop-free interdomainroutingbetweenautonomoussystems ...

Documents

Securing BGP Bruce Maggs. BGP Primer AT&T 7018 12/8 Sprint 1239 144.223/16 CMU 9 128.2/16 bmm.pc.cs.cmu.edu 128.2.205.42 Autonomous System Number Prefix.

Securing BGP Bruce Maggs. BGP Primer AT&T 7018 12/8 Sprint 1239 144.223/16 CMU 9 128.2/16 bmm.pc.cs.cmu.edu 128.2.205.42 Autonomous System Number Prefix.

Documents

SECURING BGP Matthew Nickasch nickaschm@uwplatt.edu University of Wisconsin-Platteville Dept. of Computer Science & Software Engineering.

SECURING BGP Matthew Nickasch [email protected] University of Wisconsin-Platteville Dept. of Computer Science & Software Engineering.

Documents

Securing communities: summaries of key literature on community ...

Securing communities: summaries of key literature on community ...

Documents

Securing BGP - RPKIof Amazon Route53’s prefix (205.251.192.0/21) ... DNS servers in the hijacked range only responded to queries for myetherwallet.com • Responded with addresses

Securing BGP - RPKIof Amazon Route53’s prefix (205.251.192.0/21) ... DNS servers in the hijacked range only responded to queries for myetherwallet.com • Responded with addresses

Documents

BGP/2004.5.1 November 2004 © O. Bonaventure, 2004 · Organization of the global Internet BGP basics BGP in large networks Interdomain traffic engineering with BGP BGP-based Virtual

BGP/2004.5.1 November 2004 © O. Bonaventure, 2004 · Organization of the global Internet BGP basics BGP in large networks Interdomain traffic engineering with BGP BGP-based Virtual

Documents