Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
There are a variety of threats associated with attack<strong>in</strong>g each of these subsystems. For example,<br />
“An attacker who is able to break a database exchange between two routers can<br />
also affect rout<strong>in</strong>g behavior. In the rout<strong>in</strong>g protocol data plane, an attacker who is<br />
able to <strong>in</strong>troduce bogus data can have a strong effect on the behavior of rout<strong>in</strong>g <strong>in</strong><br />
the neighborhood.<br />
At the rout<strong>in</strong>g function level threats can affect the transport subsystem, where the<br />
rout<strong>in</strong>g protocol can be subject to attacks on its underly<strong>in</strong>g protocol. At the<br />
neighbor state ma<strong>in</strong>tenance level, there are threats that can lead to attacks that can<br />
disrupt the neighbor<strong>in</strong>g relationship with widespread consequences. For example,<br />
<strong>in</strong> BGP, if a router receives a CEASE message, it can lead to break<strong>in</strong>g of its<br />
neighbor<strong>in</strong>g relationship to other routers.<br />
There are threats aga<strong>in</strong>st the database ma<strong>in</strong>tenance functionality. For example,<br />
the <strong>in</strong>formation <strong>in</strong> the database must be authentic and authorized. Threats that<br />
jeopardize this <strong>in</strong>formation can affect the rout<strong>in</strong>g functionality <strong>in</strong> the overall<br />
network. For example, if an OSPF router sends [L<strong>in</strong>k State Advertisements]<br />
LSAs with the wrong Advertis<strong>in</strong>g Router, the receivers will compute a [Shortest<br />
Path First] SPF tree that is <strong>in</strong>correct and might not forward the traffic. If a BGP<br />
router advertises a [Network Layer Reachability Information] NLRI that it is not<br />
authorized to advertise, then receivers might forward that NLRI's traffic toward<br />
that router and the traffic would not be deliverable. A [Protocol Independent<br />
Multicast] PIM router might transmit a JOIN message to receive multicast data it<br />
would otherwise not receive.” (Quoted from Section 3 of reference A-15.)<br />
“In general, threats can be classified <strong>in</strong>to the follow<strong>in</strong>g categories based on their<br />
sources:<br />
• Threats that result from subverted l<strong>in</strong>ks: A l<strong>in</strong>k become subverted when an<br />
attacker ga<strong>in</strong> access (or control) to it through a physical medium. The<br />
attacker can then take control over the l<strong>in</strong>k. This threat can result from the<br />
lack (or the use of weak) access control mechanisms as applied to physical<br />
mediums or channels. The attacker may eavesdrop, replay, delay, or drop<br />
rout<strong>in</strong>g messages, or break rout<strong>in</strong>g sessions between authorized routers,<br />
without participat<strong>in</strong>g <strong>in</strong> the rout<strong>in</strong>g exchange.<br />
• Threats that result from subverted devices (e.g. routers): A subverted<br />
device (router) is an authorized router that may have been broken <strong>in</strong>to by<br />
an attacker. The attacker can use the subverted device to <strong>in</strong>appropriately<br />
claim authority for some network resources, or violate rout<strong>in</strong>g protocols,<br />
such as advertis<strong>in</strong>g <strong>in</strong>valid rout<strong>in</strong>g <strong>in</strong>formation.” (Quoted from Section<br />
3.1.1 of reference A-15.)<br />
“There are four types of threat consequences: disclosure, deception, disruption,<br />
and usurpation.<br />
A-15