Investigating the Security Implications of Traffic Engineering and Connectivity in Internet Routing

DOI: https://doi.org/10.5753/errc.2024.4646

Abstract


With the growth of the Internet, the operation of BGP routing has become more complex, while the adoption of various traffic engineering techniques has gained popularity. However, techniques such as prepend and selective announcement are associated with an increased vulnerability to prefix hijacking—a situation in which an Autonomous System (AS) improperly announces prefixes belonging to another AS. This paper proposes a methodology to evaluate the susceptibility of networks to prefix hijacking based on the use of these practices. Preliminary results reveal that the use of prepend can increase the susceptibility to hijacking by a range of 21.5% to 96.2%, depending on the interconnection topology of the ASes. Networks with fewer interconnections showed a higher likelihood of having their hijacks visible across larger portions of the Internet.

Keywords: BGP, Traffic Engineering, Security, Routing

References

Botelho Marcos, P. de et al. AS-Path Prepending: There is No Rose without a Thorn. In: ACM IMC 2020. Virtual Event, USA, 2020. ISBN 9781450381383. DOI: 10.1145/3419394.3423642.

Turba, T. Amazon once again lost control (for 3 hours) over the IP pool in a BGP hijacking attack. Nov. 2022. Disponível em: [link].

Madory, D. BGP hijack of Amazon DNS to steal crypto currency. Oracle Developers, mai. 2018. Disponível em: [link].

Kacherginsky, P. Celer Bridge incident analysis. 2022. Disponível em: [link]. Acesso em: 20 ago. 2024.

Miao, S. Yet another BGP hijacking towards AS16509. 2022. Disponível em: [link]. Acesso em: 20 ago. 2024.

Siddiqui, A. Not just another BGP Hijack. 2020. Disponível em: [link]. Acesso em: 20 ago. 2024.

Siddiqui, A. KlaySwap – Another BGP Hijack Targeting Crypto Wallets. 2022. Disponível em: [link]. Acesso em: 20 ago. 2024.

Holterbach, T. et al. A System to Detect Forged-Origin Hijacks. In: 21TH USENIX Symposium on Networked Systems Design and Implementation (NSDI 24). USENIX Association, 2024.

Testart, C. et al. Profiling BGP Serial Hijackers: Capturing Persistent Misbehavior in the Global Routing Table. In: PROCEEDINGS of the Internet Measurement Conference. Amsterdam, Netherlands: Association for Computing Machinery, 2019. (IMC ’19), p. 420–434. ISBN 9781450369480. DOI: 10.1145/3355369.3355581.

Bertholdo, L. M. et al. On the Asymmetry of Internet eXchange Points-Why Should IXPs and CDNs Care? In: 2022 18th International Conference on Network and Service Management (CNSM). 2022. P. 73–81. DOI: 10.23919/CNSM55787.2022.9964817.

Schlinker, B. et al. PEERING: virtualizing BGP at the edge for research. In: PROCEEDINGS of the 15th International Conference on Emerging Networking Experiments And Technologies. Orlando, Florida: Association for Computing Machinery, 2019. (CoNEXT ’19), p. 51–67. ISBN 9781450369985. DOI: 10.1145/3359989.3365414.

Chang, R.; Lo, M. Inbound traffic engineering for multihomed ASs using AS path prepending. IEEE Network, v. 19, n. 2, p. 18–25, 2005. DOI: 10.1109/MNET.2005.1407694.

Battista, G. D. et al. Towards Optimal Prepending for Incoming Traffic Engineering. In. Disponível em: [link].

Rizvi, A. S. M. et al. Anycast Agility: Network Playbooks to Fight DDoS. In: 31ST USENIX Security Symposium (USENIX Security 22). Boston, MA: USENIX Association, ago. 2022. P. 4201–4218. ISBN 978-1-939133-31-1. Disponível em: [link].

Oliver, L. et al. Stop, DROP, and ROA: Effectiveness of Defenses through the Lens of DROP. In: PROCEEDINGS of the 22nd ACM Internet Measurement Conference. Nice, France: Association for Computing Machinery, 2022. (IMC ’22), p. 730–737. ISBN 9781450392594. DOI: 10.1145/3517745.3561454.

Rekhter, Y. Routing in a Multi-provider Internet. RFC Editor, abr. 1995. 8 p. RFC 1787. (Request for Comments, 1787). DOI: 10.17487/RFC1787. Disponível em: [link].

Bush, R.; Austein, R. The Resource Public Key Infrastructure (RPKI) to Router Protocol. RFC Editor, jan. 2013. 27 p. RFC 6810. (Request for Comments, 6810). DOI: 10.17487/RFC6810. Disponível em: [link].

Du, B. et al. IRRegularities in the Internet Routing Registry. In: PROCEEDINGS of the 2023 ACM on Internet Measurement Conference. Montreal QC, Canada: Association for Computing Machinery, 2023. (IMC ’23), p. 104–110. ISBN 9798400703829. DOI: 10.1145/3618257.3624843.

Chung, T. et al. RPKI is Coming of Age: A Longitudinal Study of RPKI Deployment and Invalid Route Origins. In: PROCEEDINGS of the Internet Measurement Conference. Amsterdam, Netherlands: Association for Computing Machinery, 2019. (IMC ’19), p. 406–419. ISBN 9781450369480. DOI: 10.1145/3355369.3355596.

Sermpezis, P. et al. A Survey among Network Operators on BGP Prefix Hijacking. SIGCOMM Comput. Commun. Rev., Association for Computing Machinery, New York, NY, USA, v. 48, n. 1, p. 64–69, abr. 2018. ISSN 0146-4833. DOI: 10.1145/3211852.3211862.

Cho, S. et al. BGP hijacking classification. In: 2019 Network Traffic Measurement and Analysis Conference (TMA). 2019. P. 25–32. DOI: 10.23919/TMA.2019.8784511.

Milolidakis, A. et al. On the Effectiveness of BGP Hijackers That Evade Public Route Collectors. IEEE Access, v. 11, p. 31092–31124, 2023. DOI: 10.1109/ACCESS.2023.3261128.

NCC, R. RIS Live. 2024. Disponível em: [link]. Acesso em: 10 jul. 2024.

Garcia, L. M.; Fyodor. Nmap. 2024. Disponível em: [link]. Acesso em: 20 ago. 2024.

Group, T. T. TCPDUMP and LIBPCAP. 2024. Disponível em: [link]. Acesso em: 20 ago. 2024.

Fan, X.; Heidemann, J. Selecting representative IP addresses for Internet topology studies. In: ACM. ACM IMC 2010. 2010. (IMC ’10). ISBN 9781450300575. DOI: 10.1145/1879141.1879195.
Published
2024-11-27
How to Cite

Select a Format
BARRETO, Renan; BERTHOLDO, Leandro; MARCOS, Pedro. Investigating the Security Implications of Traffic Engineering and Connectivity in Internet Routing. In: REGIONAL SCHOOL OF COMPUTER NETWORKS (ERRC), 21. , 2024, Rio Grande/RS. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2024 . p. 35-41. DOI: https://doi.org/10.5753/errc.2024.4646.