The attack was part of a student project in the Computer Science Department and has attracted substantial interest in two scientific conferences; the students will be awarded the Technion Amdocs Prize.
Alex Kirshon and Dima Gonikman, students in the Technion Computer Science Department, showed how to hack the OSPF routing protocol, the most common protocol on the internet. The attack was part of a student project in the Laboratory of Computer Communication and Networking. It attracted substantial interest in the two scientific conferences it was presented where it was presented. Alex and Dima, supervised by Dr. Gabi Nakibly and Itai Dabran, will be awarded the Technion Amdocs Prize for Best Project in Computer Science.
Hundreds of thousands of routers work on the internet, linking the different networks. Each router is supposed to “know” all the other routers and to “talk” to them (to obtain information about their neighbors and about networks connected to them). The incessant involvement of the routers in the transmission of this information encumbers them and diminishes their effectiveness. Hence, the internet is in fact split into autonomic systems that “talk” to each other. The routers in each such system “know” each another.
The most popular protocol for the transmission of information between routers in autonomic systems is OSPF. If it malfunctions, many messages will not reach their destination. Moreover, there is concern that these messages will reach the attacker of the protocol. Accordingly, stringent security measures are in place for the protocols of network routers.
One of the important defenses is called “fight-back”. When it is implemented – when a router recognizes that another router has sent data in its name – it immediately issues a correction.
With help from their supervisors, Alex Kirshon and Dima Gonikman “targeted” this correction. They triggered a fight-back from a router on the network, but immediately before it was sent, they sent a fight-back with false data that was received by some of the other routers. When these routers received the fight-back of the compromised router, they rejected it.
The “attacking” students also identified in advance which fight-back the attacked router will send, so that the other routers received it “without doubts or questions”. From the moment they received the “fake” fight-back, routers on the network have incorrect routing tables.
Such an attack can disrupt the entire operation of the autonomic system, prevent messages from reaching their destination and unnecessarily create substantial traffic on the network.
