Analysis of the security vulnerability of BGP functioning and the reasons for complexity of dealing with them.

  • I. Voitenko National Technical University of Ukraine "Kyiv Polytechnic Institute named after Igor Sikorsky"
  • M. Orlova National Technical University of Ukraine "Kyiv Polytechnic Institute named after Igor Sikorsky"
Keywords: Border Gateway Protocol, BGPSEC, routing security, Internet security, cross-domain routing.

Abstract

This article investigates and analyzes the vulnerabilities of BGP from its algorithmic behavior and from the mechanics of debugging autonomous systems according to the requirements of this protocol. It also provides a systematic analysis of the issue of the introduction of approved IETF extensions to this protocol, the issues of testing new solutions, as well as the reasons for the total or partial rejection of their final public use. Based on the analysis, possible options for further action to address the described vulnerabilities are described.

References

Apostolaki, M., Zohar, A. & Vanbever, L. (2017). Hijacking Bitcoin: Routing Attacks on Cryptocurrencies. 2017 IEEE Symposium on Security and Privacy (SP), pp. 375–392.

Rekhter, Y., Sangli, S. R. & Tappan, S. (2006). RFC 4360: BGP Extended Communities Attribute.

Lepinski, M. & Sriram, K. (2017). RFC 8205: BGPsec Protocol Specification.

White, R. (2003). Securing BGP Through Secure Origin BGP. The Internet Protocol Journal, 2003, vol. 6, № 3.

McPherson, D. & Scudder, J. G. (2007). RFC 5065: Autonomous System Confederations for BGP.

Chandra, R., Chen, E. & Bates, T. (2000). RFC 2796: BGP Route Reflection – An Alternative to Full Mesh IBGP.

Snijders, J., Bagdonas, I., Patel, K., Heitz, J. & Hilliard, N. (2017). RFC 8092: BGP Large Communities Attribute.

Chen, E. (2000) RFC 2918: Route Refresh Capability for BGP-4.

Chandra, R. & Scudder, J. G. (2000). RFC 2842: Capabilities Advertisement with BGP-4.

Fernando, R., Sangli, S. R., Rekhter, Y., Chen, E. & Scudder, J. G. (2007). RFC 4724: Graceful Restart Mechanism for BGP.

Villamizar, C., Govindan, R. & Chandra, R. (1998). RFC 2439: BGP Route Flap Damping.

Heffernan, A. (1998). RFC 2385: Protection of BGP Sessions via the TCP MD5 Signature Option.

Touch, J., Mankin, A. & Bonica, R. P. (2010). RFC 5925: The TCP Authentication Option.

Savola, P., Gill, V., Pignataro, C., Meyer, D. & Heasley, J. (2007). RFC 5082: The Generalized TTL Security Mechanism (GTSM).

Subramanian, L., Roth, V., Stoica, I., Shenker, S. & Katz, R. H. (2004). Listen and Whisper: Security Mechanisms for BGP. 1st Symposium Networked System Design and Implementation, pp. 14-16.

Abstract views: 0
PDF Downloads: 0
Published
2020-05-19
How to Cite
Voitenko, I., & Orlova, M. (2020). Analysis of the security vulnerability of BGP functioning and the reasons for complexity of dealing with them . COMPUTER-INTEGRATED TECHNOLOGIES: EDUCATION, SCIENCE, PRODUCTION, (39), 117-121. https://doi.org/10.36910/6775-2524-0560-2020-39-20
Section
Computer science and computer engineering