DocumentCode :
2435757
Title :
Real-Time Security Exercises on a Realistic Interdomain Routing Experiment Platform
Author :
Li, Yue ; Liljenstam, Michael ; Liu, Jason
Author_Institution :
Sch. of Comput. & Inf. Sci., Florida Int. Univ., Miami, FL, USA
fYear :
2009
fDate :
22-25 June 2009
Firstpage :
54
Lastpage :
63
Abstract :
We use a realistic interdomain routing experiment platform to conduct real-time attack and defense exercises for training purposes. Our interdomain routing experiment platform integrates open-source router software, real-time network simulation, and light-weight machine virtualization technologies, and is capable of supporting realistic large-scale routing experiments. The network model used consists of major autonomous systems connecting Swedish Internet users with realistic routing configurations derived from the routing registry. We conduct a series of real-time security exercises on this routing system to study the consequence of intentionally propagating false routing information on interdomain routing and the effectiveness of corresponding defensive measures. We describe three kinds of simplistic BGP attacks in the context of security exercises designed specifically for training purposes. While an attacker can launch attacks from a compromised router by changing its routing policies, administrators will be able to observe the adverse effect of these attacks and subsequently apply appropriate defensive measures to mitigate their impact, such as installing filtering rules. These exercises, all carried out in real time, demonstrate the feasibility of routing experiments using the real-time routing experiment platform.
Keywords :
Internet; internetworking; telecommunication network routing; telecommunication security; BGP attacks; Swedish Internet users; border gateway protocol; defense exercises; light-weight machine virtualization technologies; open-source router software; real-time network simulation; real-time security exercises; realistic interdomain routing experiment platform; Communication system traffic control; Emulation; Information security; Internet; Large-scale systems; Open source software; Routing protocols; Testing; Traffic control; Virtual machining;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Principles of Advanced and Distributed Simulation, 2009. PADS '09. ACM/IEEE/SCS 23rd Workshop on
Conference_Location :
Lake Placid, NY
Print_ISBN :
978-0-7695-3713-9
Type :
conf
DOI :
10.1109/PADS.2009.12
Filename :
5158319
Link To Document :
بازگشت