software2021-07-21

Mirage

Cytech is really excited to begin the development of the mobile version of Artemis for the project MIRAGE.

The “MIRAGE” (Mitigation of Internet Routing Attacks Globally and Efficiently) project focuses on security flaws (lack of authenticity, corrupted information, etc.) of the Basic Gateway protocol (BGP).  BGP is the protocol that defines the route that data submitted via the internet will travel to reach their destination. During this route the data usually goes through various autonomous systems.

The security flaws lead to BGP prefix hijacking attacks, due to either human error or malicious intent. During these hijacks the routing devices (BGP routers) are fed with false information about Internet “routes”, resulting in data being redirected to invalid destinations where they are destroyed, intercepted, or tampered with. The impact of these attacks is critical as, for example, entire countries may temporarily lose access to the Internet due to a human misconfiguration in an external network. Unfortunately, current countermeasures (RPKI, BGPsec, third-party services) against such attacks are inefficient and do not have the required adoption due to several technical and financial factors. Consequently, the problem has existed for decades.
FORTH designed and implemented the open-source tool ARTEMIS specifically to address this issue. The tool:

(i)         monitors the Internet routing control plane using BGP information sources,

(ii)        detects BGP prefix hijacking attacks based on innovative techniques and

(iii)       automates the countermeasures of the network.

Overall, it can shorten the duration of the attack from hours or days down to a few seconds. This results in a significant reduction of its impact on the Network.

The MIRAGE project aims to transform ARTEMIS into a complete service. In this direction, Cytech is responsible for the design and development of the mobile version of ARTEMIS, focusing on the provision of network status and incident information to mobile users. Moreover, a real-time notification/alert system will be developed both over the Internet as well as over out-of-band mobile networks (via SMS), carrying useful information from the system (mobile ARTEMIS) to its users.

Share