Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Study of BGP Peering Session Attacks and Their Impacts on Routing Performance

Published

Author(s)

Kotikalapudi Sriram, Douglas C. Montgomery, Oliver Borchert, Okhee Kim, David R. Kuhn

Abstract

We present a detailed study of the potential impact of BGP peering session attacks and the resulting exploitation of Route Flap Damping (RFD) that cause network-wide routing disruptions. We consider canonical grid as well as down-sampled realistic Autonomous System (AS) topologies and address the impact of various typical service provider routing policies. Our modeling focuses on three dimensions of routing performance sensitivity: (a) Protocol aware attacks (e.g., tuned to RFD), (b) Route selection policy, and (c) Attack-region topology. Analytical results provide insights into the nature of the problem and potential impact of the attacks. Detailed packet-level simulation results complement the analytical models and provide many additional insights into specific protocol interactions and timing issues. Finally, we quantify the potential effect of the BGPGraceful Restart mechanism as a partial mitigation of the BGP vulnerability to peering session attacks.
Citation
IEEE Journal on Selected Areas in Communications

Keywords

BGP Graceful Restart, Border Gateway Protocol (BGP), Internet routing protocol security, performance modeling, realistic topology, Route Flap Damping (RFD), routing policy
Created October 1, 2006, Updated November 10, 2018