Modular Platform for Customer-Side Detection of BGP Redirection Attacks

Marco Silva; António Nogueira; Paulo Salvador

doi:10.5220/0006543601990206

Modular Platform for Customer-Side Detection of BGP Redirection Attacks

Marco Silva, António Nogueira, Paulo Salvador

2018

Abstract

Border Gateway Protocol (BGP) enables world-wide Internet connectivity and its inherent non-secure characteristics, together with the nonexistence of a trustable identity that correlates IP network prefixes with the Autonomous Systems (AS) allowed to announce them, opens the way to attacks or misconfiguration on a world-wide scale. Since corporate customers do not have access to the whole routing information used by Internet Service Providers (ISP), they can not act against these kind of attacks and must only rely on the ISP to promptly detect and take measures to mitigate them. This paper presents a world-wide distributed probing platform, with a simple and very low cost implementation, that can be used to detect traffic routing variations. Upon detection, the corporate customer can locally deploy security policies while notifying its network service provider(s) and requesting for further actions.

Download

Paper Citation

in Harvard Style

Silva M., Nogueira A. and Salvador P. (2018). Modular Platform for Customer-Side Detection of BGP Redirection Attacks.In Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-282-0, pages 199-206. DOI: 10.5220/0006543601990206

in Bibtex Style

@conference{icissp18,
author={Marco Silva and António Nogueira and Paulo Salvador},
title={Modular Platform for Customer-Side Detection of BGP Redirection Attacks},
booktitle={Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2018},
pages={199-206},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006543601990206},
isbn={978-989-758-282-0},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Modular Platform for Customer-Side Detection of BGP Redirection Attacks
SN - 978-989-758-282-0
AU - Silva M.
AU - Nogueira A.
AU - Salvador P.
PY - 2018
SP - 199
EP - 206
DO - 10.5220/0006543601990206