Question

1. IRV is one of the techniques used to solve BGP security problem, explain briefly titis technique and its drawback? 2. What
0 0
Add a comment Improve this question Transcribed image text
Answer #1

1. IRV :

IRV is a receiver-driven protocol . In IRV (Interdomain Routing Validator) protocol, instead of making any changes to BGP, the necessary processing is done on an external box which is called as interdomain routing validator. The IRV connects with all BGP routers within the AS (autonomous system ) and holds a copy of the AS's routing policy. The basic idea of this protocol is that different ASes can connect with each other on reception of BGP update messages to check whether the update is valid or not and each data item can be validated by directly querying the AS from when it comes. IPsec or transport layer is used to secure the communication among IRV servers to ensure the authenticity, integrity, and confidentiality of queries and results. IRV servers can tailor responses to queries based on the requesting entity which allows the IRV to perform access control over the routing data which is useful in limiting the exposure of sensitive data.

Drawbacks:

  • Routers in a network only propagate the best route over BGP which makes the IVR difficult to get a complete view of all incoming BGP updates.
  • In this protocol there is no discussion on the security and reliability implications of having a centralized service for finding the IRVs associated with each AS.

2. Please find the differences between SoBGP and SBGP below.

So-BGP

S-BGP

So-BGP uses a web-of-trust model for validating AS numbers.

S-BGP uses a centralized trust model for validating AS numbers

It validates the IP address delegation among ASes.

It traces how the IP address are delegated among the organization.

So-BGP verifies the plausibility of an AS_PATH.

S-BGP verifies the integrity of AS_PATH. Thus, it provides stronger security of AS_PATH than SoBGP.

It uses secure transport layer as hop integrity.

It uses IPsec as hop integrity.

3.

Prefix hijacking:

Prefix hijacking is a type of network attack through which an attacker can gain the access of groups of IP addresses by corrupting Internet routing tables maintained using the Border Gateway Protocol (BGP). Here attackers use a false ownership of groups of IP addresses, called IP prefixes. Prefix hijacking can happen in one of the below three ways.

  • A block containing unallocated space can be announced.
  • A subblock of an existing allocation can be announced.
  • A competing announcement for the same space as an existing announced allocation.

The aim of prefix hijacking to obtain IP addresses for use in distributed denial-of-service (DDoS) attack.

Prefix destabilization attack:

In this attack a stable network can be rendered unstable by single fixed route attacker. Such kind of attack takes place due to the lack of infrastructure to validate the correctness of information in routing messages. It affects the network performance by destabilization of route topology and traffic flow. Using this attack the attackers can gain the access of sensitive data.

Add a comment
Know the answer?
Add Answer to:
1. IRV is one of the techniques used to solve BGP security problem, explain briefly titis...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions
ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT