DOI: 10.5555/1251175.1251185
Article

Listen and whisper: security mechanisms for BGP

Published: 29 March 2004

Abstract

BGP, the current inter-domain routing protocol, assumes that the routing information propagated by authenticated routers is correct. This assumption renders the current infrastructure vulnerable to both accidental misconfigurations and deliberate attacks. To reduce this vulnerability, we present a combination of two mechanisms: Listen and Whisper. Listen passively probes the data plane and checks whether the underlying routes to different destinations work. Whisper uses cryptographic functions along with routing redundancy to detect bogus route advertisements in the control plane. These mechanisms are easily deployable, and do not rely on either a public key infrastructure or a central authority like ICANN.
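The Listen half of the abstract says a router should stop trusting the control plane alone and instead watch whether traffic toward a prefix actually gets through. The following is an added illustration of that passive data-plane check, written for this page; it is not the paper's code. The completion rule it uses is an assumption chosen for the example: a TCP flow counts as "completed" if the initiator sends any non-SYN segment on the same 4-tuple within a window after its first SYN (which it can only do after receiving a SYN-ACK), and "incomplete" otherwise. The packet trace, prefixes and thresholds are constructed.

```python
"""Listen-style passive data-plane reachability check (added example, not the paper's code)."""
from collections import defaultdict
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class Pkt:
    ts: float        # seconds
    src: str
    dst: str
    sport: int
    dport: int
    flags: str       # TCP flag string, e.g. "S", "A", "PA"


def longest_prefix(dst, prefixes):
    """Map a destination address to the most specific monitored prefix, or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for p in prefixes:
        net = ipaddress.ip_network(p)
        if addr in net and (best is None or net.prefixlen > best.prefixlen):
            best = net
    return str(best) if best is not None else None


def listen_verdicts(packets, prefixes, window=3.0, min_incomplete=2):
    """Return {prefix: (completed_flows, incomplete_flows, verdict)}.

    Assumed rule: "working" if at least one flow completed; "suspect" if none
    completed and at least `min_incomplete` were attempted; else "unknown".
    """
    first_syn = {}          # 4-tuple -> timestamp of the first SYN seen
    completed = set()
    for pkt in sorted(packets, key=lambda p: p.ts):
        key = (pkt.src, pkt.dst, pkt.sport, pkt.dport)
        if pkt.flags == "S":
            first_syn.setdefault(key, pkt.ts)   # retransmitted SYNs keep the first time
        elif key in first_syn and pkt.ts - first_syn[key] <= window:
            completed.add(key)                  # initiator got past the handshake

    counts = defaultdict(lambda: [0, 0])        # prefix -> [completed, incomplete]
    for key in first_syn:
        pfx = longest_prefix(key[1], prefixes)
        if pfx is None:
            continue                            # destination is not a monitored prefix
        counts[pfx][0 if key in completed else 1] += 1

    verdicts = {}
    for pfx, (ok, bad) in counts.items():
        if ok > 0:
            verdict = "working"
        elif bad >= min_incomplete:
            verdict = "suspect"
        else:
            verdict = "unknown"
        verdicts[pfx] = (ok, bad, verdict)
    return verdicts


def sample_packets():
    """Constructed trace (not real data): 10.1.0.0/16 works, 10.2.0.0/24 does not."""
    return [
        Pkt(0.0, "192.0.2.10", "10.1.0.5", 40001, 80, "S"),
        Pkt(0.3, "192.0.2.10", "10.1.0.5", 40001, 80, "PA"),    # data after handshake
        Pkt(1.0, "192.0.2.11", "10.1.0.7", 40002, 443, "S"),
        Pkt(1.2, "192.0.2.11", "10.1.0.7", 40002, 443, "A"),    # third handshake segment
        Pkt(2.0, "192.0.2.12", "10.2.0.9", 40003, 80, "S"),
        Pkt(3.0, "192.0.2.12", "10.2.0.9", 40003, 80, "S"),     # SYN retransmit, never answered
        Pkt(2.5, "192.0.2.13", "10.2.0.20", 40004, 22, "S"),
        Pkt(5.0, "192.0.2.14", "10.2.0.21", 40005, 80, "S"),
        Pkt(9.5, "192.0.2.14", "10.2.0.21", 40005, 80, "PA"),   # outside the window: not counted
        Pkt(6.0, "192.0.2.15", "203.0.113.1", 40006, 80, "S"),  # not a monitored prefix
    ]


if __name__ == "__main__":
    results = listen_verdicts(sample_packets(), ["10.1.0.0/16", "10.2.0.0/24"])
    for pfx, (ok, bad, verdict) in results.items():
        print(f"{pfx}: {ok} completed, {bad} incomplete -> {verdict}")
```

Because this rule only looks at what the initiator sends after its SYN, an adversary who has hijacked the prefix and answers the SYNs itself makes every flow look completed; that is consistent with the abstract's claim that the mechanisms restrict, rather than eliminate, the damage a deliberate attacker can cause.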
The combination of Listen and Whisper eliminates a large number of problems due to router misconfigurations, and restricts (though does not eliminate) the damage that deliberate attackers can cause. Moreover, these mechanisms can detect and contain isolated adversaries that propagate even a few invalid route announcements. Colluding adversaries pose a more stringent challenge, and we propose simple changes to the BGP policy mechanism to limit the damage colluding adversaries can cause. We demonstrate the utility of Listen and Whisper through real-world deployment, measurements and empirical analysis. For example, a randomly placed isolated adversary can, in the worst case, affect reachability to only 1% of the nodes.
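The Whisper half of the abstract says bogus advertisements in the control plane are caught by combining a cryptographic function with routing redundancy: a receiver holding two routes to the same prefix checks that they agree. The block below is an added illustration written for this page, not the paper's code, and the construction it uses is an assumption of the example rather than a statement of the paper's exact protocol: the origin picks a secret x, each AS on the path raises the carried value to its own AS number modulo N, and the receiver checks the two values against each other without learning x. The modulus, AS numbers and secrets are made up.

```python
"""Whisper-style consistency check over redundant routes (added example, not the paper's code)."""
from itertools import combinations
from math import prod

# Assumed parameters (toy-sized for readability). N should be the product of
# two secret primes so that no intermediate AS can take roots modulo N, i.e.
# cannot remove an AS from the exponent to shorten the path it reports.
P, Q = 1000003, 1000033
N = P * Q


def originate(secret_x, origin_as, modulus=N):
    """Origin AS: start the whisper value from its secret."""
    return pow(secret_x, origin_as, modulus)


def forward(value, as_number, modulus=N):
    """Transit AS: fold its own AS number into the value before re-advertising."""
    return pow(value, as_number, modulus)


def advertise(secret_x, as_path, modulus=N):
    """What a receiver sees: (origin-first AS path, whisper value)."""
    value = originate(secret_x, as_path[0], modulus)
    for asn in as_path[1:]:
        value = forward(value, asn, modulus)
    return (tuple(as_path), value)


def consistent(adv_a, adv_b, modulus=N):
    """Two honest routes from the same origin satisfy
    val_a ** prod(path_b) == val_b ** prod(path_a) (mod N), because both sides
    equal x ** (prod(path_a) * prod(path_b)). The receiver never needs x."""
    (path_a, val_a), (path_b, val_b) = adv_a, adv_b
    return pow(val_a, prod(path_b), modulus) == pow(val_b, prod(path_a), modulus)


def classify(routes, modulus=N):
    """Verdict for all routes received for one prefix: 'unverified' (a single
    route gives no redundancy to compare against), 'consistent', or 'conflict'."""
    if len(routes) < 2:
        return "unverified"
    if all(consistent(a, b, modulus) for a, b in combinations(routes, 2)):
        return "consistent"
    return "conflict"


# Constructed scenario (AS numbers and secrets are made up for the example).
SECRET_X = 123456789            # known only to the legitimate origin, AS 100
ROUTE_VIA_200 = advertise(SECRET_X, [100, 200, 300])
ROUTE_VIA_500 = advertise(SECRET_X, [100, 500, 300])

# Attack 1: AS 666 originates the same prefix with a secret of its own.
BOGUS_ORIGIN = advertise(987654321, [666, 300])

# Attack 2: AS 400 receives x^(100*200) from AS 200 but advertises the path
# [100, 400], dropping 200. Without the factorisation of N it cannot remove
# 200 from the exponent, so its value is x^(100*200*400), which does not
# match the path it claims.
_received_from_200 = advertise(SECRET_X, [100, 200])[1]
SHORTENED_PATH = ((100, 400), forward(_received_from_200, 400))


def scenario_results():
    """Run the receiver-side check on each constructed scenario."""
    return {
        "two honest routes": classify([ROUTE_VIA_200, ROUTE_VIA_500]),
        "honest vs bogus origin": classify([ROUTE_VIA_200, BOGUS_ORIGIN]),
        "honest vs shortened path": classify([ROUTE_VIA_200, SHORTENED_PATH]),
        "single route only": classify([BOGUS_ORIGIN]),
    }


if __name__ == "__main__":
    for name, verdict in scenario_results().items():
        print(f"{name}: {verdict}")
```

Two limits of this check follow directly from the abstract: it needs at least two routes to the prefix (routing redundancy), and colluding adversaries who share one secret produce mutually consistent values and pass it, which is why the abstract turns to changes in BGP policy for that case.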


Published In

Guide Proceedings
NSDI'04: Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
March 2004
404 pages

Sponsors

  • USENIX Association

Publisher

USENIX Association

United States

Cited By

  • (2018) Perfect is the Enemy of Good. Proceedings of the 17th ACM Workshop on Hot Topics in Networks, pp. 57-63. DOI: 10.1145/3286062.3286071. Online publication date: 15-Nov-2018.
  • (2018) A Survey among Network Operators on BGP Prefix Hijacking. ACM SIGCOMM Computer Communication Review 48(1), pp. 64-69. DOI: 10.1145/3211852.3211862. Online publication date: 27-Apr-2018.
  • (2018) ARTEMIS. IEEE/ACM Transactions on Networking 26(6), pp. 2471-2486. DOI: 10.1109/TNET.2018.2869798. Online publication date: 1-Dec-2018.
  • (2017) RESECT. Proceedings of the 33rd Annual Computer Security Applications Conference, pp. 474-485. DOI: 10.1145/3134600.3134644. Online publication date: 4-Dec-2017.
  • (2017) One Primitive to Diagnose Them All. Proceedings of the Twelfth European Conference on Computer Systems, pp. 374-388. DOI: 10.1145/3064176.3064212. Online publication date: 23-Apr-2017.
  • (2016) Identifying and Addressing Reachability and Policy Attacks in “Secure” BGP. IEEE/ACM Transactions on Networking 24(5), pp. 2969-2982. DOI: 10.1109/TNET.2015.2503642. Online publication date: 1-Oct-2016.
  • (2015) Path-quality monitoring in the presence of adversaries. IEEE/ACM Transactions on Networking 23(6), pp. 1729-1741. DOI: 10.1109/TNET.2014.2339853. Online publication date: 1-Dec-2015.
  • (2013) Emulation on the internet prefix hijacking attack impaction. Proceedings of the 2013 international conference on Information and Communication Technology, pp. 485-489. DOI: 10.5555/2456411.2456474. Online publication date: 25-Mar-2013.
  • (2012) Concurrent prefix hijacks. Proceedings of the 2012 Internet Measurement Conference, pp. 29-36. DOI: 10.1145/2398776.2398780. Online publication date: 14-Nov-2012.
  • (2012) Detecting prefix hijackings in the internet with argus. Proceedings of the 2012 Internet Measurement Conference, pp. 15-28. DOI: 10.1145/2398776.2398779. Online publication date: 14-Nov-2012.