WP2 – Security Assessment of the Interdomain Routing Protocols

  • Routing Protocols Incidents:┬áClassify the main cyber threats against the most widespread routing protocols used in the Internet (BGP, OSPF, EIGRP, etc.). The classification will include both an analysis of real routing attacks and a survey of well-known weaknesses. We will install probes to collect real time data about attacks that target the Nautilus Mediterranean eXchange point (NaMeX), an Internet exchange point that connect ISPs pertaining to different countries, hosted by Cineca. The survey will also include the results of a questionnaire that will be submitted to the interested parties.
  • Towards a Secure BGP:┬áThis activity aims at providing a long-term answer to the need for a scalable and secure inter-domain routing protocol. We will evaluate how to address BGP routing vulnerabilities through the development of practical countermeasures. The expected outcome is an innovative proposal for a secure version of BGP, based on novel cryptographic techniques, that does not rely on a Public Key Infrastructure.
  • OpenBGPd-Compliant Prototype: Develop a prototype for our proposal of a secure BGP. The prototype will be integrated with the widespread open source OpenBGPd (the daemon managing network routing tables), and it will be tested by Cineca in order to pursue the best standards of dependability and interoperability.
Expected Results:
  • Improved understanding of the main vulnerabilities regarding routing protocols: individuate and evaluate the main weaknesses underlying BGP, OSPF, EIGRP, RIP, etc. in real scenarios, together with possible ways how to mitigate such weaknesses.
  • Routing Protocols Incident Surve (March 2015)
  • Secure BGP Prototype (December 2015)

Comments are closed