Losing Control of the Internet: Using the Data Plane to Attack the Control Plane

Max Schuchard, Eugene Y. Vasserman, Abedelaziz Mohaisen, Denis Foo Kune, Nicholas Hopper, Yongdae Kim

Research output: Contribution to conference › Paper › peer-review

8 Scopus citations

Abstract

In this work, we introduce the Coordinated Cross Plane Session Termination, or CXPST, attack, a distributed denial of service attack that attacks the control plane of the Internet. CXPST extends previous work that demonstrates a vulnerability in routers that allows an adversary to disconnect a pair of routers using only data plane traffic. By carefully choosing BGP sessions to terminate, CXPST generates a surge of BGP updates that are seen by nearly all core routers on the Internet. This surge of updates surpasses the computational capacity of affected routers, crippling their ability to make routing decisions. In this paper we show how an adversary can attack multiple BGP sessions simultaneously and measure the impact these session failures have on the control plane of the Internet. We directly simulate the BGP activity resulting from this attack and compute the impact those messages have on router processing loads. Through simulations we show that botnets on the order of 250,000 nodes can increase processing delays from orders of microseconds to orders of hours. We also propose and validate a defense against CXPST. Through simulation we demonstrate that current defenses are insufficient to stop CXPST. We propose an alternative, low-cost defense that is successful against CXPST, even if only the top 10% of Autonomous Systems by degree deploy it. Additionally, we consider more long-term defenses that stop not only CXPST, but similar attacks as well.

Original language: English (US)
State: Published - 2011
Event: 18th Symposium on Network and Distributed System Security, NDSS 2011 - San Diego, United States
Duration: Feb 6 2011 - Feb 9 2011

Conference

Conference: 18th Symposium on Network and Distributed System Security, NDSS 2011
Country/Territory: United States
City: San Diego
Period: 2/6/11 - 2/9/11

Bibliographical note

Publisher Copyright:
© 2011 Proceedings of the Symposium on Network and Distributed System Security, NDSS 2011. All Rights Reserved.
