DETERMINING THE WAYS OF COUNTERACTION TO CYBERATTACKS ON THE INTERNET GLOBAL ROUTING

V.Yu. Zubok
THE GEORGY PUKHOV INSTITUTE FOR ENERGY MODELLING, THE NATIONAL ACADEMY OF SCIENCES OF UKRAINE

Èlektron. model. 2018, 40(5):67-77
https://doi.org/10.15407/emodel.40.05.067

ABSTRACT

An attack on global routing can harm millions of network devices (and their users) with much less effort than the well-known DoS or ransomware attacks. The global routing protocol BGP-4, despite its fundamental significance, is not secure, because it is based on trust between the participants of global routing. With no near-term prospect of deploying a more secure global routing protocol, approaches are needed that can be applied at the scale of a large operator, industry or region to mitigate the possible losses from attacks on global routing. For this purpose, two general directions of counteraction are proposed: a) preventing the hijacking of one's own prefixes; b) identifying hijacked routes and blocking outbound traffic to the compromised prefixes. The first direction is formulated as the task of finding the most effective topological organization of inter-node links, one that can reduce losses from route hijacking within a certain target group of nodes.

KEYWORDS

global routing, route hijacking, link optimization, cyber security.
