Dark Mode
Capec-584 Detail
BGP Route Disabling
Detailed Communications Software
Parents: 582
Threats: T63 T103 T264 T267 T269 T308 T311
An adversary suppresses the Border Gateway Protocol (BGP) advertisement for a route so as to render the underlying network inaccessible. The BGP protocol helps traffic move throughout the Internet by selecting the most efficient route between Autonomous Systems (AS), or routing domains. BGP is the basis for interdomain routing infrastructure, providing connections between these ASs. By suppressing the intended AS routing advertisements and/or forcing less effective routes for traffic to ASs, the adversary can deny availability for the target network.
Not present
| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-584 | capec | https://capec.mitre.org/data/definitions/584.html | |
| REF-465 | reference_from_CAPEC | https://queue.acm.org/detail.cfm?id=2668966 | Why is it Taking so Long to Secure Internet Routing?, 2014, ACM |
| REF-466 | reference_from_CAPEC | http://www.cc.gatech.edu/~dovrolis/Papers/ccr-bgp.pdf | Beware of BGP Attacks, 2004, ACM SIGCOMM |
Not present
- The adversary must have control of a router that can modify, drop, or introduce spoofed BGP updates.The adversary can convince
- BGP Router
Not present
| Availability |
|---|
| Other (Disabling a network route at the routing infrastructure level denies availability of that route.) |
- Blackholing: The adversary intentionally references false routing advertisements in order to attract traffic to a particular router so it can be dropped.