poster

Losing control of the internet: using the data plane to attack the control plane

Authors:

Eugene Y. VassermanAuthors Info & Claims

CCS '10: Proceedings of the 17th ACM conference on Computer and communications security

Pages 726 - 728

https://doi.org/10.1145/1866307.1866411

Published: 04 October 2010 Publication History

Get Access

Abstract

In this work, we introduce the Coordinated Cross Plane Session Termination, or CXPST, attack, a distributed denial of service attack that attacks the control plane of the Internet. CXPST extends previous work that demonstrates a vulnerability in routers that allows an adversary to disconnect a pair of routers using only data plane traffic. By carefully choosing BGP sessions to terminate, CXPST generates a surge of BGP updates that are seen by nearly all core routers on the Internet. This surge of updates surpasses the computational capacity of affected routers, crippling their ability to make routing decisions

References

[1]

}}N. W. Group. RFC4271 - A Border Gateway Protocol 4 (BGP-4). http://tools.ietf.org/html/rfc4271, January 2006.

Google Scholar

[2]

}}G. Sinclair, C. Nunnery, and B. B. Kang. The Waledac protocol: The how and why. In In proceeding the IEEE International Conference on Malicious and Unwanted Software (MALWARE), pages 69--77, October 2009.

Google Scholar

[3]

}}K. Sriram, D. Montgomery, O. Borchert, O. Kim, and D. R. Kuhn. Study of BGP peering session attacks and their impacts on routing performance. IEEE Journal on Selected Areas in Communications, 24(10):1901--1915, 2006.

Digital Library

Google Scholar

[4]

}}A. Studer and A. Perrig. The Coremelt attack. In Proceedings of the European Symposium on Research in Computer Security (ESORICS), Sept. 2009.

Digital Library

Google Scholar

[5]

}}F. Wang, Z. M. Mao, J. Wang, L. Gao, and R. Bush. A measurement study on the impact of routing events on end-to-end Internet path performance. SIGCOMM Comput. Commun. Rev., 36(4):375--386, 2006.

Digital Library

Google Scholar

[6]

}}Y. Zhang, Z. M. Mao, and J. Wang. Low-rate TCP-targeted DoS attack disrupts Internet routing. In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2007.

Google Scholar

Cited By

View all

Alsubhi K(2024)A Secured Intrusion Detection System for Mobile Edge ComputingApplied Sciences10.3390/app1404143214:4(1432)Online publication date: 9-Feb-2024
https://doi.org/10.3390/app14041432
Wang RQiu HLiu Z(2024)KNI-DRL: Key Nodes Identification Method Based on Deep Reinforcement Learning in Inter-domain Routing Networks2024 9th International Conference on Computer and Communication Systems (ICCCS)10.1109/ICCCS61882.2024.10603253(698-705)Online publication date: 19-Apr-2024
https://doi.org/10.1109/ICCCS61882.2024.10603253
Khaloopour LSu YRaskob FMeuser TBless RJanzen LAbedi KAndjelkovic MChaari HChakraborty PKreutzer MHollick MStrufe TFranchi NJamali V(2024)Resilience-by-Design in 6G Networks: Literature Review and Novel Enabling ConceptsIEEE Access10.1109/ACCESS.2024.348027512(155666-155695)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3480275
Show More Cited By

Index Terms

Losing control of the internet: using the data plane to attack the control plane
1. Security and privacy
  1. Network security

Recommendations

Controlling IP Spoofing through Interdomain Packet Filters

The Distributed Denial of Services (DDoS) attack is a serious threat to the legitimate use of the Internet. Prevention mechanisms are thwarted by the ability of attackers to forge, or spoof, the source addresses in IP packets. By employing IP spoofing, ...
A Taxonomy of Attacks Using BGP Blackholing
Computer Security – ESORICS 2019
Abstract
BGP blackholing is a common technique used to mitigate DDoS attacks. Generally, the victim sends in a request for traffic to the attacked IP(s) to be dropped. Unfortunately, remote parties may misuse blackholing [29, 57] and send requests for IPs ...
Survey of network-based defense mechanisms countering the DoS and DDoS problems

This article presents a survey of denial of service attacks and the methods that have been proposed for defense against these attacks. In this survey, we analyze the design decisions in the Internet that have created the potential for denial of service ...

Comments

Information & Contributors

Information

Published In

CCS '10: Proceedings of the 17th ACM conference on Computer and communications security

October 2010

782 pages

ISBN:9781450302456

DOI:10.1145/1866307

General Chair:
Ehab Al-Shaer
University of North Carolina, Charlotte, USA
,
Program Chairs:
Angelos D. Keromytis
Columbia University, USA
,
Vitaly Shmatikov
University of Texas at Austin, USA

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 October 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Poster

Conference

CCS '10

Sponsor:

SIGSAC

CCS '10: 17th ACM Conference on Computer and Communications Security 2010

October 4 - 8, 2010

Illinois, Chicago, USA

Acceptance Rates

CCS '10 Paper Acceptance Rate 55 of 325 submissions, 17%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

52
Total Citations
View Citations
1,222
Total Downloads

Downloads (Last 12 months)51
Downloads (Last 6 weeks)19

Reflects downloads up to 28 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Alsubhi K(2024)A Secured Intrusion Detection System for Mobile Edge ComputingApplied Sciences10.3390/app1404143214:4(1432)Online publication date: 9-Feb-2024
https://doi.org/10.3390/app14041432
Wang RQiu HLiu Z(2024)KNI-DRL: Key Nodes Identification Method Based on Deep Reinforcement Learning in Inter-domain Routing Networks2024 9th International Conference on Computer and Communication Systems (ICCCS)10.1109/ICCCS61882.2024.10603253(698-705)Online publication date: 19-Apr-2024
https://doi.org/10.1109/ICCCS61882.2024.10603253
Khaloopour LSu YRaskob FMeuser TBless RJanzen LAbedi KAndjelkovic MChaari HChakraborty PKreutzer MHollick MStrufe TFranchi NJamali V(2024)Resilience-by-Design in 6G Networks: Literature Review and Novel Enabling ConceptsIEEE Access10.1109/ACCESS.2024.348027512(155666-155695)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3480275
Liao LMa XZhao CLi ZChao H(2023)FEAROL: Aging Flow Entries Based on Local Staircase Randomized Response for Secure SDN Flow TablesApplied Sciences10.3390/app1305298513:5(2985)Online publication date: 25-Feb-2023
https://doi.org/10.3390/app13052985
Okada SAkashi KMiyamoto DSekiya YTakase HNakamura H(2023)Memory-saving LDoS Attacker Detection Algorithms in Zigbee NetworkJournal of Information Processing10.2197/ipsjjip.31.53731(537-549)Online publication date: 2023
https://doi.org/10.2197/ipsjjip.31.537
Begoli EMeyer EMoriano POesch SKemme BRiviere ESchiavoni VPasin M(2023)Poster: Cognitive Cyber – Dynamic, Adaptive Cyber Defense Systems for Massively Distributed, Autonomous, and Ad-hoc Computing EnvironmentsProceedings of the 17th ACM International Conference on Distributed and Event-based Systems10.1145/3583678.3603283(177-179)Online publication date: 27-Jun-2023
https://dl.acm.org/doi/10.1145/3583678.3603283
Xie RCao JLi QSun KGu GXu MYang Y(2022)Disrupting the SDN Control Channel via Shared Links: Attacks and CountermeasuresIEEE/ACM Transactions on Networking10.1109/TNET.2022.316913630:5(2158-2172)Online publication date: Oct-2022
https://doi.org/10.1109/TNET.2022.3169136
Rezapour ATzeng W(2022)RL-Shield: Mitigating Target Link-Flooding Attacks Using SDN and Deep Reinforcement Learning Routing AlgorithmIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2021.311808119:6(4052-4067)Online publication date: 1-Nov-2022
https://doi.org/10.1109/TDSC.2021.3118081
Liu ZQiu HGuo WZhu JWang Q(2022)NIE-GAT: node importance evaluation method for inter-domain routing network based on graph attention networkJournal of Computational Science10.1016/j.jocs.2022.10188565(101885)Online publication date: Nov-2022
https://doi.org/10.1016/j.jocs.2022.101885
Zhao WWang YXiong XLi Y(2021)CFM-RFM: A Cascading Failure Model for Inter-Domain Routing Systems with the Recovery Feedback MechanismInformation10.3390/info1206024712:6(247)Online publication date: 14-Jun-2021
https://doi.org/10.3390/info12060247
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Controlling IP Spoofing through Interdomain Packet Filters

A Taxonomy of Attacks Using BGP Blackholing

Survey of network-based defense mechanisms countering the DoS and DDoS problems

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Controlling IP Spoofing through Interdomain Packet Filters

A Taxonomy of Attacks Using BGP Blackholing

Survey of network-based defense mechanisms countering the DoS and DDoS problems

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations