Computational Complexity of Traffic Hijacking under BGP and S-BGP

  • Marco Chiesa
  • Giuseppe Di Battista
  • Thomas Erlebach
  • Maurizio Patrignani
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7392)

Abstract

Harmful Internet hijacking incidents put in evidence how fragile the Border Gateway Protocol (BGP) is, which is used to exchange routing information between Autonomous Systems (ASes). As proved by recent research contributions, even S-BGP, the secure variant of BGP that is being deployed, is not fully able to blunt traffic attraction attacks. Given a traffic flow between two ASes, we study how difficult it is for a malicious AS to devise a strategy for hijacking or intercepting that flow. We show that this problem marks a sharp difference between BGP and S-BGP. Namely, while it is solvable, under reasonable assumptions, in polynomial time for the type of attacks that are usually performed in BGP, it is NP-hard for S-BGP. Our study has several by-products. E.g., we solve a problem left open in the literature, stating when performing a hijacking in S-BGP is equivalent to performing an interception.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
  2. 2.
    Engelberg, R., Schapira, M.: Weakly-Acyclic (Internet) Routing Games. In: Persiano, G. (ed.) SAGT 2011. LNCS, vol. 6982, pp. 290–301. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  3. 3.
    Gao, L., Rexford, J.: Stable internet routing without global coordination. In: Proc. SIGMETRICS (2000)Google Scholar
  4. 4.
    Goldberg, S., Schapira, M., Hummon, P., Rexford, J.: How secure are secure interdomain routing protocols? In: Proc. SIGCOMM (2010)Google Scholar
  5. 5.
    Griffin, T., Shepherd, F.B., Wilfong, G.: The stable paths problem and interdomain routing. IEEE/ACM Trans. on Networking 10(2), 232–243 (2002)CrossRefGoogle Scholar
  6. 6.
    Huston, G.: Interconnection, peering, and settlements. In: Proc. INET (1999)Google Scholar
  7. 7.
    Huston, G.: AS6447 BGP routing table analysis report (2012), http://bgp.potaroo.net/as6447/
  8. 8.
    Kent, S., Lynn, C., Seo, K.: Secure border gateway protocol (S-BGP) (2000)Google Scholar
  9. 9.
    Papadimitriou, C.M.: Computational complexity (1994)Google Scholar
  10. 10.
    Rekhter, Y., Li, T., Hares, S.: A Border Gateway Protocol 4 (BGP-4). RFC 4271Google Scholar
  11. 11.
    Sami, R., Schapira, M., Zohar, A.: Searching for stability in interdomain routing. In: Proc. INFOCOM (2009)Google Scholar
  12. 12.
    Schapira, M., Zhu, Y., Rexford, J.: Putting BGP on the right path: a case for next-hop routing. In: HotNets (2010)Google Scholar
  13. 13.
    Underwood, T.: Pakistan hijacks YouTube (2008), http://www.renesys.com/blog/2008/02/pakistan_hijacks_youtube_1.shtml

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Marco Chiesa
    • 1
  • Giuseppe Di Battista
    • 1
  • Thomas Erlebach
    • 2
  • Maurizio Patrignani
    • 1
  1. 1.Dept. of Computer Science and AutomationRoma Tre UniversityItaly
  2. 2.Dept. of Computer ScienceUniversity of LeicesterUK

Personalised recommendations