Posted on by Hongming Li

BGP Protocols among Autonomous Routing System and Route Hijacking

Broad Gateway Protocol

Suppose you want to send a file over to your friend, it has to undergo many layers of the internet. In the transport layer, files are first fragmented into small packets, which are the small data units that gets transferred over the network. Network routers play an important role across the internet, because they are the traffic control devices that ensures packets are safely and efficiently delivered to the destination specified by IP headers. Border Gateway Protocol(BGP), is a protocol between routers that updates traffic information about the network, the most important thing it does is that it finds the shortest path for the destination IP address.

The whole Routing System is a decentralized network

  • Each rounter and IP address represent a node and its location respectively.
  • Packets are the messages get transferred from Node s to Node t.
  • Source routers only know other routers’ IP address in its IP address cache.

For a file transfer from source router <s> to destination router < t>, the source router is given a file and the destination IP address to send to. Initially, the source router only knows the routers that are cached in its IP address table, it then messages to all the IP address on, which in turn should have messaged to all the IP address they know, essentially it conducts a breadth first search. Source router then transfers the file over to the router that claims to have the shortest path.

  • Route Hijacking

24th of April,2018, Los Angeles, Seattle and Detroit in the US were able to connect to Amazon’s DNS server. These regions connected to a network prefix 205.251.193.0/24 (Amazon’s announced proper prefix is 205.251.193.0/23)shows up mysteriously. This is a route hijack, a malicious intent took control of a network and advertise a fake shortest route to Amazon. During the hijack, This allows the hacker to redirect traffic to other places than where it was supposed be directed to, namely Amazon.

Even the network routing system is designed efficiently for network traffic. The system is intended for a trustworthy environment where every routers play according to the rule. However, It is very vulnerable to malicious attacks.

Resources:

https://blogs.akamai.com/2018/11/bgp-route-hijacking.html

https://blog.thousandeyes.com/amazon-route-53-dns-and-bgp-hijack/

Leave a Reply

Your email address will not be published. Required fields are marked *