BGP Threats and Practical Security

Abstract

Border Gateway Protocol (BGP) is the routing protocol being used for exchanging path information among routers in the Internet. A smooth service of the Internet depends on BGP but there is much vulnerability in BGP that can be exploited to disrupt the Internet services. BGP is vulnerable to many attacks due to the lack of inherent security measures in its design. Although many protocols are proposed to provide security in BGP, but up-to-date none of them has been implemented in practical world due to deployment issues. In this thesis, we studied the BGP protocol, possible attacks on BGP and their countermeasures proposed in literature and research. We have designed and implemented case studies defining different attacks and their mitigation in Chalmers Networking Laboratory at Lindholmen, Chalmers campus. BGP is complex protocol; we have studied BGP and its vulnerabilities in detail. We did comparative and analytical study of the security protocols built for BGP in order to explore the reasons for their non-deployment in real world. We considered frequently used and best practices proposed by large Internet Service Providers (ISPs) to avoid many attacks and problems by employing services like route filtering, route dampening and prefix limiting. A sample BGP network has been built using Cisco equipment available in the lab along with all possible security threats to test the protection provided by practical security measures.