finding the faulty router
TRANSCRIPT
-
7/29/2019 Finding the faulty router
1/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OFCOMMUNICATION 1
Finding the Faulty orMalicious Router
By,
K.Prakash
R.Aneesh KumarMEPCO
-
7/29/2019 Finding the faulty router
2/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OFCOMMUNICATION 2
Introduction
Network routing is vulnerable to
disruptions
This cannot be avoided by having a
Secure routing Protocol
-
7/29/2019 Finding the faulty router
3/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OFCOMMUNICATION 3
Topics
Existing Approach
Secure TraceRoute
Authenticating Secure TracerouteUsing the Secure TraceRoute
Routing Asymmetry
Attacks
-
7/29/2019 Finding the faulty router
4/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OFCOMMUNICATION 4
EXISTING APPROCH
To securing the Routing Protocol
Validate routing updates
Verify their authenticity
Accuracy
Consistency
-
7/29/2019 Finding the faulty router
5/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OFCOMMUNICATION 5
EXISTING APPROCH
BGP
It has no mechanism for Authenticity of the
Information or Accuracy of the information it
distributes
-
7/29/2019 Finding the faulty router
6/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OFCOMMUNICATION 6
EXISTING APPROCH
S BGP
By digital Signature
Centralized Registry
-
7/29/2019 Finding the faulty router
7/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OFCOMMUNICATION 7
Secure TraceRoute
Normal Traceroute
STR has various Specifications of Packet
1. Hop by hop as the normal traceroute protocol.
2. Reply the node establishes a shared key for encrypted
authenticated Communication
3. Agreed identifying marker in the reply as securetraceroute ACK
4. MAC with addition to marker to ensure authentication
origin
-
7/29/2019 Finding the faulty router
8/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OFCOMMUNICATION 8
Secure TraceRoute
R1 R2
S D
R3 R6R5R4
R2 initiates the secure
traceroute
Flagged as
faulty
?
CheckS3
Check S4
Check S5
OK R3OK R4
NOT OK
-
7/29/2019 Finding the faulty router
9/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OFCOMMUNICATION 9
Secure TraceRoute
Iterative process of above steps leads toA Complete route is determined
A faulty linked is found
Secure trace route is more expensive
To make it cost effective we can start at
the point where traceroute indicates a
problem.
-
7/29/2019 Finding the faulty router
10/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OFCOMMUNICATION 10
Authenticating Secure Traceroute
Public Key Infrastructure using Standard
Protocols
Web of Trust techniques can be used
Key severs
-
7/29/2019 Finding the faulty router
11/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OFCOMMUNICATION 11
Using the Secure TraceRoute
We have proposed a Five stage process
1. Complaint
2. Complaint Evaluation
3. Normal Traceroute
4. Secure Traceroute
5. Problem Correction
-
7/29/2019 Finding the faulty router
12/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OFCOMMUNICATION 12
Using the Secure TraceRoute
Complaint
End host can send its traffic by setting the
complaint Bit
Source address spoofing
-
7/29/2019 Finding the faulty router
13/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OFCOMMUNICATION 13
Using the Secure TraceRoute
Complaint Evaluation
If a routers complaint level goes high-then the
receiving router can initiate the investigation
It can starts its investigation by itself
(Complaining router) but its better to be done by
its down stream.Each router waits for a random number of time
before its investigation
-
7/29/2019 Finding the faulty router
14/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OF
COMMUNICATION
14
Using the Secure TraceRoute
Normal Secure traceroute
It is the first step in the investigation
Path returned by a normal traceroute may be
completely misleading or intercepted by
malicious router or successful path.
This information can be the start point
-
7/29/2019 Finding the faulty router
15/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OF
COMMUNICATION
15
Using the Secure TraceRoute
Secure tracerouteTo verify the route, the secure traceroute is
initiated
Two casesNormal traceroute gives the successful path then
secure traceroute is cheep.
If normal traceroute has been terminated prematurelythen secure traceroute is stated with the closest node
to the point of failure.
Note: path is given by Normal traceroute is notauthenticated
-
7/29/2019 Finding the faulty router
16/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OF
COMMUNICATION
16
Using the Secure TraceRoute
Problem Correction
Routing around
Notifying to down stream routes
Human intervention
-
7/29/2019 Finding the faulty router
17/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OF
COMMUNICATION
17
Routing Asymmetry
Internet Routing is Asymmetry
This creates two problems
1. End node may not be knowing about its
inability to communicate to its peer host
because of network problem in one direction
or opposite direction or in both direction.
2. It also affects secure traceroute performance.
-
7/29/2019 Finding the faulty router
18/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OF
COMMUNICATION
18
Routing Asymmetry
Impact on the end host complaint process
A receives Bs packet but not the ACK for As
Packet A B,B A
The same B receives packet form A but not the
ACK for Bs packet A B,B A
Another case the both A and B does not receivepackets. A B,B A.
-
7/29/2019 Finding the faulty router
19/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OF
COMMUNICATION
19
Routing Asymmetry
Impact on Secure traceroute
Two types of difficulties we are facing
A receives Bs packet but not the ACK for As Packet
A B,B AAfter establishing the channel, a new problem may
arise between A to B.
In both the cases two routers may not be
able to establish complete connection.
-
7/29/2019 Finding the faulty router
20/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OF
COMMUNICATION
20
Routing Asymmetry
SolutionIP source routing
Worst case : if B is not able communicate
to A- rerouting in new route
-
7/29/2019 Finding the faulty router
21/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OF
COMMUNICATION
21
Attacks
There are number of Potential Attacks
against the Approach. Some are
Unresponsive end host
Malicious router may adjust its disruptive
behaviour so as to avoid detection
-
7/29/2019 Finding the faulty router
22/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OF
COMMUNICATION
22
Conclusion
Not only a secured routing protocol butalso well behaved Packet forwarding isNeeded
-
7/29/2019 Finding the faulty router
23/23
1/30/2013 12:17 PM NETWORKING IS THE HEART OF
COMMUNICATION
23
THANKYOU REFERENCES:
1. WWW.NETVMG.COM
2. WWW.ROUTESCIENCE.COM
3. WWW.SOCKEYE.COM
4. RFC 3221
5. PERISITENT ROUTE COLLISIONS IN INTER-DOMAINROUTING, COMPUTERNETWORKS,2000
Q
U
RI
E
S
?
http://www.netvmg.com/http://www.routescience.com/http://www.sockeye.com/http://www.sockeye.com/http://www.routescience.com/http://www.netvmg.com/