Post-graduate theses
Current Record: 49 of 824
|
|
| Identifier |
000447240 |
| Title |
BPHS: a BGP prefix hijacking simulation tool supporting RPKI filtering |
| Alternative Title |
BPHS: ένα εργαλείο προσομοίωσης επιθέσεων προθέματος BGP που υποστηρίζει φιλτράρισμα RPKI |
|
Author
|
Επταμηνιτάκης, Γεώργιος Ε.
|
|
Thesis advisor
|
Δημητρόπουλος, Ξενοφώντας
|
|
Reviewer
|
Μαρκάτος, Ευάγγελος
Μαγκούτης, Κωνσταντίνος
|
| Abstract |
The Border Gateway Protocol (BGP) is used by the Autonomous
Systems (e.g., Comcast, AT&T, COSMOTE) to advertise AS paths for the
corresponding routed IP address space (i.e., IPv4/IPv6 network prefixes)
and establish inter/intra-domain routes in the Internet. Despite its
scalability and capabilities of expressing complex routing policies, BGP
lacks many security features by design, like the authentication of the
advertised routes. Thus, an Autonomous System (AS) is able to advertise
illegitimate routes for IP prefixes that it does not own. These
advertisements propagate and “pollute” many ASes, or even the entire
Internet, affecting service availability, integrity, and confidentiality of
communications. This phenomenon is called BGP prefix hijacking and can
be caused by either router misconfigurations or malicious attacks.
The Resource Public Key Infrastructure (RPKI) is a hierarchical
certification system that aims to protect the Internet against these BGP
prefix hijacking attacks, introducing IP prefix ownership authentication.
Despite its crucial role in Internet security, RPKI deployment is slow (i.e.,
around 20% of the total ASes on the Internet) due to its limited adoption
from most ASes (i.e., it protects an AS only if a large number of other ASes
already use it) and due to its complex mechanisms resulting in human
errors.
Several research works have tried to measure the impact of the BGP
prefix hijacking attacks and the benefits of the RPKI adoption in the
Internet through BGP simulation algorithms that model the Internet
graph and the BGP protocol. However, there is not any related work
proposing a BGP simulator enabling network operators to quickly and
easily assess the vulnerability of their Autonomous Systems to BGP prefix
hijacking attacks and conduct their study through a user-friendly and
plug&play BGP simulation tool or service.
In this thesis, we introduce BPHS, the first BGP Prefix Hijacking
Simulation tool that enables network operators to quickly and easily (a)
assess the vulnerability of their Autonomous Systems to BGP prefix
hijacks and (b) measure the benefits of the RPKI’s adoption in the
Internet, through a user-friendly web application.
We evaluate BPHS by replaying real historical hijacks detected in the
Internet and reveal the benefits of the RPKI adoption by conducting a
comparative study (using BPHS) showing the attacker’s success rate for
different RPKI filtering scenarios. In addition, we extract two rankings lists
showing the most vulnerable ASes and countries to BGP prefix hijacking
attacks, including the most vulnerable Greek ASes. The evaluation results
show that BPHS estimates the impact of a hijack with high accuracy and
that the RPKI filtering in the Internet backbone significantly reduces the
BGP attacks.
|
| Language |
English |
| Subject |
Επιθέσεις προθέματος BGP |
|
Πειρατεία προθέματος BGP |
|
Προσωμοιωτής επιθέσεων προθέματος |
| Issue date |
2022-07-29 |
| Collection
|
School/Department--School of Sciences and Engineering--Department of Computer Science--Post-graduate theses
|
|
|
Type of Work--Post-graduate theses
|
| Permanent Link |
https://elocus.lib.uoc.gr//dlib/4/a/e/metadata-dlib-1648798838-66264-2427.tkl
|
| Views |
645 |
Collections
