
BGP Attack Tree



Presentation Transcript


  1. BGP Attack Tree
     draft-convery-bgpattack-00.txt
     http://trinux.sourceforge.net/draft-convery-bgpattack-00.html
     http://trinux.sourceforge.net/draft-convery-bgpattack-00.txt
     Sean Convery, David Cook, Matt Franz

  2. Motivations
     • Develop formal analysis of potential threats to and using BGP
     • Create threat profile useful for evaluating BGP security improvements
     • Provide foundation for vulnerability testing of new and existing BGP implementations
     • Facilitate repeatable testing methodology by third parties
     • Organize the material in a modular and reusable way

  3. Why Attack Trees?
     • Provide well documented method of exploring every possibility an adversary has (technical and non-technical).
     • Data presentation in tree format allows:
         • Easy gap identification
         • Selective elaboration based on location in the tree
         • Ability to assign attributes for nodes of the tree:
             • Impact of the attack
             • Ease of attack execution
             • Cost of the attack
             • Presence of countermeasures (such as best practices)
             • Access/trust requirements to conduct attack
     http://www.ddj.com/documents/s=896/ddj9912a/9912a.htm
     http://www.cert.org/archive/pdf/01tn001.pdf

  4. Attack Tree Example
     Goal: Gain unauthorized physical access to building
     Attack:
     OR 1. Unlock door with key
           OR 1. Steal Key
              2. Social Engineering
                 OR 1. Borrow key
                    2. Convince locksmith to unlock door
        2. Pick lock
        3. Break window
        4. Follow authorized individual into building
           OR 1. Act like you belong and follow someone else
              2. Befriend someone authorized outside a building
              3. Appear in need of assistance (such as carrying a large box)
          AND 4. Wear appropriate clothing for the location

  5. Attack Tree Example (Graphical)
     Blue = OR, Red = AND
     Graphic tree representations are generated from the source attack tree.

  6. Reset a Single BGP Session
     Attack:
     OR 1. Send message to router causing reset
           OR 1. Send RST message to TCP stack
              2. Send BGP Message
                 OR 1. Notify
                    2. Open
                    3. Keepalive
          AND 3. TCP Sequence number Attack (Appendix A.4)
        2. Alter configuration via compromised router (Appendix A.1)

  7. Reset a Single BGP Session (Graphical)
     Blue = OR, Red = AND
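
The "Reset a Single BGP Session" tree can be evaluated mechanically for threat modeling. The Python below is an added example, not part of the presentation or the draft: it lists the leaf combinations that reach the goal and filters out those blocked by a countermeasure. The tuple encoding, the function names, and the reading of "AND" as "required in addition to one of the OR siblings" are assumptions of this example.

```python
# Added example: evaluating the "Reset a Single BGP Session" attack tree.
# Encoding (an assumption of this example): a leaf is a string; an inner node
# is (label, or_children, and_children), read as
# (any ONE of or_children) AND (EVERY one of and_children).

RESET_SESSION = (
    "Reset a single BGP session",
    [
        ("Send message to router causing reset",
         ["Send RST message to TCP stack",
          ("Send BGP Message", ["Notify", "Open", "Keepalive"], [])],
         ["TCP Sequence number Attack"]),
        "Alter configuration via compromised router",
    ],
    [],
)

def scenarios(node):
    """Return every set of leaves that, taken together, achieves the node."""
    if isinstance(node, str):
        return [frozenset([node])]
    _, or_kids, and_kids = node
    # OR: each alternative contributes its own scenarios.
    result = [s for kid in or_kids for s in scenarios(kid)] or [frozenset()]
    # AND: every scenario so far must also include each required child.
    for kid in and_kids:
        result = [a | b for a in result for b in scenarios(kid)]
    return result

def feasible(node, blocked):
    """Scenarios that remain when the leaves in `blocked` have countermeasures."""
    return [s for s in scenarios(node) if not (s & blocked)]

if __name__ == "__main__":
    for s in scenarios(RESET_SESSION):
        print(sorted(s))
    # Constructed assumption: a countermeasure defeats the sequence-number leaf.
    print(feasible(RESET_SESSION, {"TCP Sequence number Attack"}))
```

Blocking the single AND leaf removes every scenario under "Send message to router causing reset", which is the kind of gap and countermeasure analysis the node attributes on slide 3 are meant to support.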

  8. Next Steps
     • Incorporate feedback on draft
     • Ensure completeness of attack tree
     • Coordinate with other threat drafts
     Thanks!
