BGP Attack Tree - PowerPoint PPT Presentation

1 / 7
About This Presentation
Title:

BGP Attack Tree

Description:

Wear appropriate clothing for the location Attack Tree Example (Graphical) Reset a Single BGP Session Reset a Single BGP Session (Graphical) ... – PowerPoint PPT presentation

Number of Views:48
Avg rating:3.0/5.0
Slides: 8
Provided by: SeanCo91
Category:
Tags: bgp | attack | tree

less

Transcript and Presenter's Notes

Title: BGP Attack Tree


1
BGP Attack Tree
  • References draft-convery-bgpattack-00.txt
  • http//trinux.sourceforge.net/draft-convery-bgpatt
    ack-00.html
  • http//trinux.sourceforge.net/draft-convery-bgpatt
    ack-00.txt

2
Motivations
  • Develop formal analysis of potential threats to
    and using BGP
  • Create threat profile useful for evaluating BGP
    security improvements
  • Provide foundation for vulnerability testing of
    new and existing BGP implementations
  • Facilitate repeatable testing methodology by
    third parties
  • Organize the material in a modular and reusable
    way

3
Why Attack Trees?
  • Provide well documented method of exploring every
    possibility an adversary has (technical and
    non-technical).
  • Data presentation in tree format allows
  • Easy gap identification
  • Selective elaboration based on location in the
    tree
  • Ability to assign attributes for nodes of the
    tree
  • Impact of the attack
  • Ease of attack execution
  • Cost of the attack
  • Presence of countermeasures (such as best
    practices)
  • Access/trust requirements to conduct attack
  • http//www.ddj.com/documents/s896/ddj9912a/9912a.
    htm
  • http//www.cert.org/archive/pdf/01tn001.pdf

4
Attack Tree Example
  • Goal Gain unauthorized physical access to
    building
  • Attack
  • OR 1. Unlock door with key
  • OR 1. Steal Key
  • 2. Social Engineering
  • OR 1. Borrow key
  • 2. Convince locksmith to unlock door
  • 2. Pick lock
  • 3. Break window
  • 4. Follow authorized individual into building
  • OR 1. Act like you belong and follow someone
    else
  • 2. Befriend someone authorized outside a
    building
  • 3. Appear in need of assistance (such as
    carrying a large box)
  • AND 4. Wear appropriate clothing for the
    location

5
Attack Tree Example (Graphical)
Blue OR Red AND
Graphic tree representations are generated from
the source attack tree.
6
Reset a Single BGP Session
Attack OR 1. Send message to router causing
reset OR 1. Send RST message to TCP stack
2. Send BGP Message OR 1. Notify
2. Open 3. Keepalive AND
3. TCP Sequence number Attack (Appendix A.4)
2. Alter configuration via compromised
router (Appendix A.1)
7
Reset a Single BGP Session (Graphical)
Blue OR Red AND
Write a Comment
User Comments (0)
About PowerShow.com