Internet Routing Architectures
Internet Routing Architectures
Understanding BGP misconfiguration
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Detection and analysis of routing loops in packet traces
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Towards an accurate AS-level traceroute tool
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
On the correlation between route dynamics and routing loops
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
End-to-end routing behavior in the internet
ACM SIGCOMM Computer Communication Review
PlanetSeer: internet path failure monitoring and characterization in wide-area services
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Avoiding traceroute anomalies with Paris traceroute
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
A measurement study of persistent forwarding loops on the Internet
Computer Networks: The International Journal of Computer and Telecommunications Networking
Detection, understanding, and prevention of traceroute measurement artifacts
Computer Networks: The International Journal of Computer and Telecommunications Networking
Effective diagnosis of routing disruptions from end systems
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Instability free routing: beyond one protocol instance
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Securing the data path of next-generation router systems
Computer Communications
| Hi-index | 0.00 |
In this paper, we present flooding attacks that exploit routing anomalies in the Internet. In particular, we focus on routing anomalies introduced by persistent forwarding loops. Persistent forwarding loops may share one or more links with forwarding paths to reachable addresses. An attacker can exploit persistent forwarding loops to overload the shared links to disrupt the Internet connectivity to those reachable addresses. To understand the extent of this vulnerability, we perform extensive measurements to systematically study persistent forwarding loops and the number of network addresses that can be affected. We find that persistent forwarding loops do exist in the current Internet. About 0.2% of routable addresses experience persistent forwarding loops and 0.21% of routable addresses can be attacked by exploiting persistent forwarding loops. In addition, 85.16% of the persistent forwarding loops appear within destination domains and they can be observed from various locations, which makes it possible to launch attacks from many vantage points. We also find that most persistent forwarding loops are just two hops long, which enables an attacker to amplify traffic to persistent forwarding loops significantly. To the best of our knowledge, this is the first study of exploiting the vulnerability of persistent forwarding loops to launch DDoS attacks.