Link-Cutting Attacks Link-Cutting Attacks Steven M. Bellovin Emden R. Gansner smb@research.att.com erg@research.att.com AT&T Labs Research Florham Park, NJ 07932 �✂✁☎✄✆✁ 1 Steven M. Bellovin — August 7, 2003
Link-Cutting Attacks Classic Routing Attacks: Z Can Lie 5 10 Z Host B Y 5 5 X 10 Y−>X, Y−>Z: B(10) Host A Z−>X: Y(5), B(3) X−>A: Z(5), Y(5), B(8) Note that X is telling the truth as it knows it. �✂✁☎✄✆✁ 2 Steven M. Bellovin — August 7, 2003
✝ ✝ ✝ Link-Cutting Attacks What Can We Do? In theory, we can secure routing protocols. SBGP uses digitally signed paths; there’s also a Secure OSPF design. But. . . �✂✁☎✄✆✁ 3 Steven M. Bellovin — August 7, 2003
✝ ✝ ✝ Link-Cutting Attacks A New Attack Suppose that we’ve deployed secure routing protocols Suppose the attacker controls some links or nodes, and has a map of the topology. It’s computationally feasible for the attacker to calculate what links to cut to force traffic past the controlled points. �✂✁☎✄✆✁ 4 Steven M. Bellovin — August 7, 2003
Link-Cutting Attacks The Attacker Has Compromised Node X1 Xa3 Ya2 Xa2 Ya3 Xa1 Wa2 Wa1 Za3 Xb1 Yb1 Xb0 Za2 Yb0 Wb0 Wb1 Ya1 Zb0 Xa0 Zb1 Ya0 Wa3 Wa0 A Za0 Za1 B C D The dotted lines are the cut links. �✂✁☎✄✆✁ 5 Steven M. Bellovin — August 7, 2003
✝ ✝ Link-Cutting Attacks Results In hundreds of trials on intra- and inter-ISP topologies, we had a success rate of 80-90%. Each calculation takes at most a few seconds, even on very large topologies. �✂✁☎✄✆✁ 6 Steven M. Bellovin — August 7, 2003
Link-Cutting Attacks http://www.research.att.com/˜smb/papers/reroute.ps http://www.research.att.com/˜smb/papers/reroute.pdf �✂✁☎✄✆✁ 7 Steven M. Bellovin — August 7, 2003
Recommend
More recommend
