Routing Security: Architecture for Securing the Routing Infrastructure
Introduction

Project Routing Security is funded by DARPA and the Army Research Laboratory. It commenced in May 2001. In the early days of the Internet, security always took a backseat, usually because of the technical challenges of making it work in the first place. Also, the Internet, in its early days, was an academic effort. With the commercialization of the Internet, security has become a challenge that must be met alongside all others. Even though a lot has been done to secure the Internet at the application level, little has been done to secure it at the infrastructural level. The most widely running routing protocols (IP) in the Internet are the Routing Information Protocol (RIP), Open Shortest Path First (OSPF) and the Border Gateway Protocol (BGP). Like all other protocols on the Internet, the initial versions of these protocols were insecure. Later versions of the protocols have security considerations, but the fundamental design of these protocols makes them vulnerable. The objective of this project is to identify such vulnerabilities and to devise solutions to overcome them.

Phase I: Routing Testbed

Routing works on the network level. It is not possible to perform routing experiments within the confines of one subnet or one network. Moreover, it is not possible to perform routing attacks on a production network. Therefore, it is essential to have a testbed which can simulate the Internet. Such a testbed has been built here. The testbed has routers running RIP, OSPF and BGP.

Phase II: Routing Experiments

In order to identify the vulnerabilities that the protocols have, a series of routing attacks were performed on the testbed. The attacks focus on the routing protocols themselves rather than their implementations. This is to say that every implementation conforming to the RFC will be vulnerable to these attacks. We have developed a general-purpose routing packet generator to perform the attacks.

Phase III: Secure Routing Architecture

There are two approaches to securing the routing infrastructure. The first approach proposes to build security into the routing protocols. This approach has not been very acceptable due to the performance penalties it places on the routers. Moreover, because of the critical role of routing, there is considerable inertia to this process. The other approach, and the one that we adopt, is to secure the routing infrastructure using Intrusion Detection.