A Firewall for Routers: Protecting against Routing Misbehavior
Edinburgh, UK June 25-June 28
37th Annual IEEE/IFIP International C ...
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/DSN.2007.7
Ying Zhang, University of Michigan, USA
Z. Morley Mao, University of Michigan, USA
Jia Wang, AT&T Labs-Research
In this work, we present the novel idea of route normalization by correcting on the fly routing traffic on behalf of a local router to protect the local network from malicious and misconfigured routing updates. Analogous to traffic normalization for network intrusion detection systems, the proposed RouteNormalizer patches ambiguities and eliminates semantically incorrect routing updates to protect against routing protocol attacks. Furthermore, it serves the purpose of a router firewall by identifying resource-based attacks against routers. Upon detecting anomalous routing changes, it suggests local routing policy modifications to improve route selection decisions. Deploying a RouteNormalizer requires no modification to routers if desired using a transparent TCP proxy setup.

In this paper, we present the detailed design of the RouteNormalizer and evaluate it using a prototype implementation based on empirical BGP routing updates. We validate its effectiveness by showing that many well-known routing problems from operator mailing lists are correctly identified.

Citation:
Ying Zhang, Z. Morley Mao, Jia Wang, "A Firewall for Routers: Protecting against Routing Misbehavior," dsn, pp.20-29, 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'07), 2007