Dear Jared,

This was a very interesting read. Thank you for sharing it with us. The paper contained new information for me, if I hope I summarize it correctly: by combining AS_PATH poisoning and botnets, the botnet’s firing power can be more precisely aimed at a specific target. 

Can you clarify what the definition of a “link” is? Is it the logical interconnection between two ASNs (many pairs of ASNs interconnect in many places), or is it a reference to a specific physical interconnection between two routers, each in a different ASN?

The paper mentions that if the top 20 transit-free (“tier-1”) networks protect each other against poisoning, the Maestro attack is drastically reduced in effectiveness. I have good news, amongst this set of networks, there already is a widely deployed anti poisoning mechanism, sometimes referred to as “Peerlock”. https://www.youtube.com/watch?v=CSLpWBrHy10
https://www.nanog.org/sites/default/files/Snijders_Everyday_Practical_Bgp.pdf . I think this paper suggests the Peerlock practice should be promoted more, and perhaps automated.

Kind regards,

Job

On Fri, 10 May 2019 at 15:27, Jared Smith <jms@vols.utk.edu> wrote:
Hello,

Our research lab at the University of Tennessee (volsec.org) has recently completed
a study on channeling link-flooding attack (transit link DDoS) flows
via BGP poisoning: the Maestro attack. We are seeking feedback on mitigation (see below). A brief summary from the abstract:

"Executed from a compromised or malicious Autonomous System (AS),
Maestro advertises specific-prefix routes poisoned for selected ASes
to collapse inbound traffic paths onto a single target link. A greedy
heuristic fed by publicly available AS relationship data iteratively
builds the set of ASes to poison. Given a compromised BGP speaker with
advantageous positioning relative to the target link in the Internet
topology, an adversary can expect to enhance flow density by more than 30%.
For a large botnet (e.g., Mirai), the bottom line result is augmenting a
DDoS by more than a million additional infected hosts. Interestingly, the
size of the adversary-controlled AS plays little role in this
amplification effect. Devastating attacks on core links can be executed by
small, resource-limited ASes."

We are seeking feedback from operators on the attack and the proposed
mitigations we have identified. While we have worked with our campus BGP
operators, we are reaching out to the broader community for additional insights.

Other than general notes/comments, we have two specific questions that we would
like to include feedback for in the final paper soon to be submitted:

1) Do you already filter poisoned/path prepend advertisements? This would
mitigate the attack.

2) After seeing this attack, would you consider adding poison filtering or some other Day mitigation?

The preprint is available at: tiny.utk.edu/maestro. See Section 7 on defenses.

Please reply with any thoughts. Thank you in advance for comments, insight, and general feedback.

Best,
Tyler McDaniel, Jared Smith, and Max Schuchard
UT Computer Security Lab
volsec.org