Поєднання традиційних методів і метричного підходу до оцінки ризиків від кібератак на глобальну маршрутизацію

Abstract

One of the most significant Internet-related problems of cybersecurity is route hijacking counteraction in the Internet global routing system. Attacking global routing is capable of harming millions of network devices (and also users) with much less effort than the well-known DDoS or Ransomware attacks. The problem defined by Internet Engineering Task force (IETF, in RFC 7908) as «the propagation of routing announcement(s) beyond their intended scope. That is, an announcement from an Autonomous System (AS) of a learned BGP route to another AS is in violation of the intended policies of the receiver, the sender, and/or one of the ASes along the preceding AS path». In other words, some Internet provider could announce a route to some network prefixes which don’t belong to him. Then, a new fake route can compete with true route, and can win using BGP selection criteria. As a result, traffic to victimized networks is redirected improper way where it can be dropped, monitored, diversed. Border Gateway Protocol (BGP) itself has no mechanisms to defend routes. There are many improvements, including cryptographical approaches (electronic signatures, certificates, routing registries), are still either computationally complex, or hard to implement and control worldwide, or both. Avoiding or minimizing this risk is an actual problem.Relying on world practices of risk management, we‘ve made theoretical approaches to identification and evaluation of route hijacking risk by exploring topology — links and relations between the ASes. On a first step, we have proceeded through ISO Guide 73:2009 «Risk Management – Vocabulary» to tie-up to the commonly used methodical approach for risk management. Then, we used a classic STRIDE approach to routing security threats classification, and DREAD model to assess each threat of STRIDE acronym. Using such two-dimensional measuring, we achieved a numerically expressed impact of each threat on aggregated risk evaluation.Further we used offered earlier metric function of the Internet so we can see and specify clear relation between distance between two nodes and risk of route hijacking. The more distance between two autonomous systems, the more is risk of successful intrusion in global routing for their mutual traffic distortion. The same way we can measure the distance (i.e. evaluate the risk of route hijacking) between one node and a group of some other nodes. In the conclusion we emphasize that such approach opens a way to further formulation of route hijacking risk management problem in terms of topology tasks. Fig.: 3. Refs: 11 titles.