You are on page 1of 23

Finding the Faulty or Malicious Router

By,

K.Prakash R.Aneesh Kumar MEPCO
1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 1

Introduction
Network routing is vulnerable to disruptions This cannot be avoided by having a Secure routing Protocol

1/30/2013 12:17 PM

NETWORKING IS THE HEART OF COMMUNICATION

2

Topics Existing Approach Secure TraceRoute Authenticating Secure Traceroute Using the Secure TraceRoute Routing Asymmetry Attacks 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 3 .

EXISTING APPROCH To securing the Routing Protocol Validate routing updates Verify their authenticity Accuracy Consistency 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 4 .

EXISTING APPROCH BGP It has no mechanism for Authenticity of the Information or Accuracy of the information it distributes 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 5 .

EXISTING APPROCH S BGP By digital Signature Centralized Registry 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 6 .

Reply the node establishes a shared key for encrypted authenticated Communication 3. 2. Hop by hop as the normal traceroute protocol. Agreed identifying marker in the reply as secure traceroute ACK 4. MAC with addition to marker to ensure authentication origin 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 7 .Secure TraceRoute  Normal Traceroute  STR has various Specifications of Packet 1.

Secure TraceRoute CheckS3 Check S4 Check S5 S D R1 R2 OK R3 R3 OK R4 R4 ? R5 R6 NOT OK R2 initiates the secure traceroute 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION Flagged as faulty 8 .

1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 9 .Secure TraceRoute Iterative process of above steps leads to A Complete route is determined A faulty linked is found Secure trace route is more expensive To make it cost effective we can start at the point where traceroute indicates a problem.

Authenticating Secure Traceroute Public Key Infrastructure using Standard Protocols Web of Trust techniques can be used Key severs 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 10 .

4. Complaint Complaint Evaluation Normal Traceroute Secure Traceroute Problem Correction 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 11 .Using the Secure TraceRoute  We have proposed a Five stage process 1. 2. 3. 5.

Using the Secure TraceRoute Complaint End host can send its traffic by setting the “complaint Bit” Source address spoofing 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 12 .

Each router waits for a random number of time before its investigation 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 13 .Using the Secure TraceRoute Complaint Evaluation If a routers complaint level goes high-then the receiving router can initiate the investigation It can starts its investigation by itself (Complaining router) but its better to be done by its down stream.

Using the Secure TraceRoute Normal Secure traceroute It is the first step in the investigation Path returned by a normal traceroute may be completely misleading or intercepted by malicious router or successful path. This information can be the start point 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 14 .

If normal traceroute has been terminated prematurely then secure traceroute is stated with the closest node to the point of failure. Note: path is given by Normal traceroute is not authenticated 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 15 .Using the Secure TraceRoute Secure traceroute To verify the route. the secure traceroute is initiated Two cases Normal traceroute gives the successful path then secure traceroute is cheep.

Using the Secure TraceRoute Problem Correction Routing around Notifying to down stream routes Human intervention 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 16 .

Routing Asymmetry  Internet Routing is Asymmetry  This creates two problems 1. It also affects secure traceroute performance. 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 17 . 2. End node may not be knowing about its inability to communicate to its peer host because of network problem in one direction or opposite direction or in both direction.

1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 18 .Routing Asymmetry Impact on the end host complaint process A receives B’s packet but not the ACK for A’s Packet A B.B A.B A The same B receives packet form A but not the ACK for B’s packet A B. A B.B A Another case the both A and B does not receive packets.

Routing Asymmetry Impact on Secure traceroute Two types of difficulties we are facing A receives B’s packet but not the ACK for A’s Packet A B. a new problem may arise between A to B. In both the cases two routers may not be able to establish complete connection.B A After establishing the channel. 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 19 .

Routing Asymmetry Solution –IP source routing Worst case : if B is not able communicate to A.rerouting in new route 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 20 .

Attacks There are number of Potential Attacks against the Approach. Some are Unresponsive end host Malicious router may adjust its disruptive behaviour so as to avoid detection 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 21 .

Conclusion Not only a secured routing protocol but also well behaved Packet forwarding is Needed 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 22 .

COM 3.2000 1/30/2013 12:17 PM NETWORKING IS THE HEART OF COMMUNICATION 23 . COMPUTER NETWORKS.THANKYOU Q U R I E S ?  REFERENCES: 1.NETVMG.COM 2. RFC 3221 5. WWW. WWW.ROUTESCIENCE. WWW.COM 4.SOCKEYE. PERISITENT ROUTE COLLISIONS IN INTERDOMAINROUTING.