BGP Threats and Practical Security
Ladda ner
Typ
Examensarbete för masterexamen
Master Thesis
Master Thesis
Program
Publicerad
2011
Författare
Farooq, Muhammad
Zeb, Akhtar
Modellbyggare
Tidskriftstitel
ISSN
Volymtitel
Utgivare
Sammanfattning
Border Gateway Protocol (BGP) is the routing protocol being used for exchanging path information among routers in the Internet. A smooth service of the Internet depends on BGP but there is much vulnerability in BGP that can be exploited to disrupt the Internet services. BGP is vulnerable to many attacks due to the lack of inherent security measures in its design. Although many protocols are proposed to provide security in BGP, but up-to-date none of them has been implemented in practical world due to deployment issues. In this thesis, we studied the BGP protocol, possible attacks on BGP and their countermeasures proposed in literature and research. We have designed and implemented case studies defining different attacks and their mitigation in Chalmers Networking Laboratory at Lindholmen, Chalmers campus. BGP is complex protocol; we have studied BGP and its vulnerabilities in detail. We did comparative and analytical study of the security protocols built for BGP in order to explore the reasons for their non-deployment in real world. We considered frequently used and best practices proposed by large Internet Service Providers (ISPs) to avoid many attacks and problems by employing services like route filtering, route dampening and prefix limiting. A sample BGP network has been built using Cisco equipment available in the lab along with all possible security threats to test the protection provided by practical security measures.
Beskrivning
Ämne/nyckelord
Information Technology , Informationsteknik