What exactly is "Routing Attack on IP Networks"?

gabrielcard

I'm doing a college project and this is my topic, but I don't know exactly what this type of attack would be and I can't find the specific topic in forums, articles, etc. I need to make a presentation of a type of attack, such as: XSS attack, Slowloris attack, DOS attack against SDN, SQL Injection attack, Fake WiFi Hotspot attack, ARP Spoofing attack, DNS Spoofing, routing attack on IP networks.

And I don't have any experience with cybersecurity, so if an explanation for laypeople is possible, I would be grateful.

Thanks in advance. 

JDMurray

My guess is any attack that disrupts the normal functioning of Layer 3 routing protocols.  Here's the answer that GPT-4 gives to your question:

"Routing Attack on IP Networks" refers to a set of malicious activities targeting the routing protocols and processes in IP networks. The goal of these attacks is usually to disrupt, intercept, or reroute network traffic. These attacks exploit the vulnerabilities or trust relationships in network routing protocols, causing networks to operate abnormally or inefficiently.
Here are some common types of routing attacks on IP networks and a brief description of each:

Route Injection Attack:

• Attackers advertise IP addresses they don’t actually own. Unsuspecting routers then forward packets to the attacker, allowing them to eavesdrop, modify, or drop the packets.

Route Deletion Attack:

• Attackers withdraw routes that they previously advertised, causing data destined for those addresses to be dropped or routed in unpredictable ways.

Route Modification Attack:

• An attacker modifies routing updates to change specific parameters, causing traffic to take a less optimal or a longer path.

Router Impersonation:

• The attacker sends fake routing updates, pretending to be a legitimate router. This can cause traffic to be rerouted through the attacker or to nowhere.

Neighbor Attack:

• In protocols where routers establish neighbor relationships, an attacker might try to form a relationship with a legitimate router, allowing them to send malicious routing updates.

Replay Attack:

• An attacker captures legitimate routing updates and replays them at a later time. This can cause outdated routes to be used.

Session Attack:

• The attacker targets the session established between routers to exchange routing updates. By breaking this session, routing updates can be interrupted.

Denial of Service (DoS) against Routers:

• By flooding a router with traffic or maliciously crafted packets, an attacker can cause it to be overwhelmed and possibly crash, disrupting the network's normal operations.

Man-in-the-Middle Attack:

• By impersonating a network device or router, an attacker can intercept or alter data being sent between two parties without either party realizing it.

BGP Hijacking:

• This is a subtype of the route injection attack but specifically targets the Border Gateway Protocol (BGP). The attacker announces IP spaces they don’t own, causing Internet traffic for those IPs to route through them.

For your presentation, you can choose one or multiple types of routing attacks and delve deeper into their mechanics, effects, real-world examples, and potential countermeasures. Understanding the inherent trust and decentralized nature of many routing protocols will give you insights into why these networks are vulnerable and how they can be protected.

gabrielcard

@JDMurray. Thanks, I'll show this to my teacher and see if it matches the presentation specifications. I didn't want to seem completely stupid to him, since I can't even attend his classes in person because I work, thank you very much.