Owning the Routing Table. Part II Academic Article uri icon

abstract

  • Abstract Open Shortest Path First (OSPF) is the most popular interior gateway routing protocol on the Internet. Most known OSPF attacks are based on falsifying link state advertisements (LSA) of an attacker-controlled router. These attacks may create serious damage if the attacker-controlled router is strategically located in the autonomous system (AS) topology. However, these attacks can only falsify a small portion of the routing domain's topology; hence their effect is usually limited. More powerful attacks are the ones that affect LSAs of other routers not controlled by the attacker. However, these attacks usually trigger the``fight-back" mechanism by the victim router–the router on behalf of which the attacker advertises the false LSA–which advertises a correcting LSA, making the attacks' effect non- persistent. At Black Hat USA 2011 [BH11] and NDSS 2012 [NDSS12] we presented the …

publication date

  • January 1, 2013