BGP Threats and Practical Security

Abstract: Border Gateway Protocol (BGP) is the routing protocol being used for exchanging pathinformation among routers in the Internet. A smooth service of the Internet depends on BGPbut there is much vulnerability in BGP that can be exploited to disrupt the Internet services.BGP is vulnerable to many attacks due to the lack of inherent security measures in its design.Although many protocols are proposed to provide security in BGP, but up-to-date none ofthem has been implemented in practical world due to deployment issues.

In this thesis, we studied the BGP protocol, possible attacks on BGP and theircountermeasures proposed in literature and research. We have designed and implementedcase studies defining different attacks and their mitigation in Chalmers NetworkingLaboratory at Lindholmen, Chalmers campus. BGP is complex protocol; we have studiedBGP and its vulnerabilities in detail. We did comparative and analytical study of the securityprotocols built for BGP in order to explore the reasons for their non-deployment in realworld.

We considered frequently used and best practices proposed by large Internet ServiceProviders (ISPs) to avoid many attacks and problems by employing services like routefiltering, route dampening and prefix limiting. A sample BGP network has been built usingCisco equipment available in the lab along with all possible security threats to test theprotection provided by practical security measures.