Losing control of the internet: using the data plane to attack the control plane

Authors:
Max Schuchard;Abedelaziz Mohaisen;Denis Foo Kune;Nicholas Hopper;Yongdae Kim;Eugene Y. Vasserman
Affiliations:
University of Minnesota, Minneapolis, MN, USA;University of Minnesota, Minneapolis, MN, USA;University of Minnesota, Minneapolis, MN, USA;University of Minnesota, Minneapolis, MN, USA;University of Minnesota, Minneapolis, MN, USA;Kansas State University, Manhaattan, KS, USA
Venue:
Proceedings of the 17th ACM conference on Computer and communications security
Year:
2010

Citing 3
Cited 1

A measurement study on the impact of routing events on end-to-end internet path performance

Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
The Coremelt attack

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Study of BGP Peering Session Attacks and Their Impacts on Routing Performance

IEEE Journal on Selected Areas in Communications

Simulation-based study of botnets and defense mechanisms against them

Journal of Computer and Systems Sciences International

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this work, we introduce the Coordinated Cross Plane Session Termination, or CXPST, attack, a distributed denial of service attack that attacks the control plane of the Internet. CXPST extends previous work that demonstrates a vulnerability in routers that allows an adversary to disconnect a pair of routers using only data plane traffic. By carefully choosing BGP sessions to terminate, CXPST generates a surge of BGP updates that are seen by nearly all core routers on the Internet. This surge of updates surpasses the computational capacity of affected routers, crippling their ability to make routing decisions