Over recent years, network carriers and service providers have begun migrating from legacy networks to so-called Next-Generation Networks (NGNs), where policy routing is the dominant scheme of operation. Moreover, policy-based protocols such as Multi-protocol Label Switching (MPLS), together with the Border Gateway Protocol (BGP), are widely used both within core networks and between sites or disparate organisations' networks, typically at the network provider or carrier level. Network operators do not wish to reveal the details of such policy information, for business and security reasons. Adversaries, meanwhile, are known to launch foot-printing and reconnaissance attacks long in advance of more malicious attacks. Interestingly, adversaries' foot-printing attacks are driven by the fact that policy-based networks are more sensitive to sudden changes. In this thesis, we first demonstrate and explain the fear of revealing routing-policy information by analysing the ability of a limited adversary to disturb or disable the service provided by policy-based networks. The study of routing-policy reconnaissance is then introduced in roughly two stages. In the first stage, the routing-policy engine is specified; this is typically the policy engine implemented in MPLS networks. The evidence and traits left by this policy engine are also identified, as is the appropriate probing element for analysis purposes. In the second stage, the reconnaissance of the MPLS policy engine is analysed under different scenarios and restrictions. Finally, the thesis concludes with an analysis of the ability of adversaries to reveal information about policy engines in policy-based networks.
31 Aug 2016
Unpublished - 2016