Manipulating BGP monitors - extended

Abstract

Border Gateway Protocol (BGP) is the cornerstone of internet routing, facilitating communication between autonomous systems (ASes). To assess the routing performance, such as detecting anomalies, route hijacks, and network congestion, operators often rely on the control plane information collected by several global BGP monitors [1, 2]. For example, state-of-the-art systems for detecting BGP hijacking attacks [3, 4] require extensive historical routing data for high accuracy.

This (extended) thesis explores the feasibility of manipulating data collected by BGP monitors, subsequently tricking defensive systems that rely on such data.

This thesis is jointly supervised by Stefano Vissicchio (UCL).

Milestones

• Enumerate vulnerabilities (Months 1-2): Identify attack scenarios for current state-of-the-art BGP defense systems
• Test of feasibility (Month 3): Conduct accurate simulations on networking scenarios to estimate the severity of the attacks.
• Defenses (Months 4-5): Develop defense mechanisms to protect against BGP hijacks and provide a proof-of-concept.
• Thesis (Month 6): Write and finalize the thesis.

Requirements

• Background: BGP, BGP hijacking, Basic security understandings
• Programming Languages: Python, Shell, Docker

References

1. RIPE. RIS Live.

2. RouteView. University of Oregon RouteViews Project.

3. Holterbach et al. A System to Detect Forged-Origin Hijacks.

4. Sermpezis et al. ARTEMIS: Neutralizing BGP Hijacking within a Minute.

Supervisors

Dr. Muoi Tran

Post-doc

Prof. Laurent Vanbever

Group Leader