Next: Triggering Alarms vs Identification Up: Listen and Whisper: Security Previous: Dealing with Adversaries

Whisper: Control Plane Verification

In this section, we will describe the whisper protocol, a control plane verification technique that proposes minor modifications to BGP to aid in detecting invalid routes from misconfigured or malicious routers. In this section, we restrict our discussion to the case where an isolated adversary or a single misconfigured router propagates invalid routes. We will discuss colluding adversaries in Section 7.

The Whisper protocol provides the following properties in the presence of isolated adversaries:

Any misconfigured or malicious router propagating an invalid route will always a trigger an alarm.
A single malicious router advertising more than a few invalid routes will be detected and the effects of these spurious routes will be contained.

Subsections

Triggering Alarms vs Identification
Route Consistency Testing
- Weak Split Whisper
- Strong Split Whisper
Containment: Penalty Based Route Selection

116 2004-02-12