BGP Threats and Practical Security

Publicerad

Typ

Examensarbete för masterexamen
Master Thesis

Program

Modellbyggare

Tidskriftstitel

ISSN

Volymtitel

Utgivare

Sammanfattning

Border Gateway Protocol (BGP) is the routing protocol being used for exchanging path information among routers in the Internet. A smooth service of the Internet depends on BGP but there is much vulnerability in BGP that can be exploited to disrupt the Internet services. BGP is vulnerable to many attacks due to the lack of inherent security measures in its design. Although many protocols are proposed to provide security in BGP, but up-to-date none of them has been implemented in practical world due to deployment issues. In this thesis, we studied the BGP protocol, possible attacks on BGP and their countermeasures proposed in literature and research. We have designed and implemented case studies defining different attacks and their mitigation in Chalmers Networking Laboratory at Lindholmen, Chalmers campus. BGP is complex protocol; we have studied BGP and its vulnerabilities in detail. We did comparative and analytical study of the security protocols built for BGP in order to explore the reasons for their non-deployment in real world. We considered frequently used and best practices proposed by large Internet Service Providers (ISPs) to avoid many attacks and problems by employing services like route filtering, route dampening and prefix limiting. A sample BGP network has been built using Cisco equipment available in the lab along with all possible security threats to test the protection provided by practical security measures.

Beskrivning

Ämne/nyckelord

Information Technology, Informationsteknik

Citation

Arkitekt (konstruktör)

Geografisk plats

Byggnad (typ)

Byggår

Modelltyp

Skala

Teknik / material

Index

item.page.endorsement

item.page.review

item.page.supplemented

item.page.referenced