Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
• Disclosure: Disclosure of rout<strong>in</strong>g <strong>in</strong>formation happens when a router<br />
successfully accesses the <strong>in</strong>formation without be<strong>in</strong>g authorized.<br />
Subverted l<strong>in</strong>ks can cause disclosure, if rout<strong>in</strong>g exchanges lack<br />
confidentiality. Subverted devices (routers), can cause disclosure, as long<br />
as they are successfully <strong>in</strong>volved <strong>in</strong> the rout<strong>in</strong>g exchanges. Although<br />
<strong>in</strong>appropriate disclosure of rout<strong>in</strong>g <strong>in</strong>formation can pose a security threat<br />
or be part of a later, larger, or higher layer attack, confidentiality is not<br />
generally a design goal of rout<strong>in</strong>g protocols.<br />
• Deception: This consequence happens when a legitimate router receives a<br />
false rout<strong>in</strong>g message and believes it to be true. Subverted l<strong>in</strong>ks and/or<br />
subverted device (routers) can cause this consequence if the receiv<strong>in</strong>g<br />
router lacks ability to check rout<strong>in</strong>g message <strong>in</strong>tegrity, rout<strong>in</strong>g message<br />
orig<strong>in</strong>, authentication or peer router authentication.<br />
• Disruption: This consequence occurs when a legitimate router's operation<br />
is be<strong>in</strong>g <strong>in</strong>terrupted or prevented. Subvert l<strong>in</strong>ks can cause this by<br />
replay<strong>in</strong>g, delay<strong>in</strong>g, or dropp<strong>in</strong>g rout<strong>in</strong>g messages, or break<strong>in</strong>g rout<strong>in</strong>g<br />
sessions between legitimate routers. Subverted devices (router) can cause<br />
this consequence by send<strong>in</strong>g false rout<strong>in</strong>g messages, <strong>in</strong>terfer<strong>in</strong>g normal<br />
rout<strong>in</strong>g exchanges, or flood<strong>in</strong>g unnecessary messages. (DoS is a common<br />
threat action caus<strong>in</strong>g disruption.)<br />
• Usurpation: This consequence happens when an attacker ga<strong>in</strong>s control<br />
over a legitimate router's services/functions. Subverted l<strong>in</strong>ks can cause<br />
this by delay<strong>in</strong>g or dropp<strong>in</strong>g rout<strong>in</strong>g exchanges, or replay<strong>in</strong>g out-dated<br />
rout<strong>in</strong>g <strong>in</strong>formation. Subverted routers can cause this consequence by<br />
send<strong>in</strong>g false rout<strong>in</strong>g <strong>in</strong>formation, <strong>in</strong>terfer<strong>in</strong>g rout<strong>in</strong>g exchanges, or<br />
system <strong>in</strong>tegrity.” (Quoted from Section 3.1.2 of reference A-15.)<br />
“With<strong>in</strong> the context of the threat consequences described above, damage that<br />
might result from attacks aga<strong>in</strong>st the network as a whole may <strong>in</strong>clude:<br />
• Network congestion: more data traffic is forwarded through some portion<br />
of the network than would otherwise need to carry the traffic,<br />
• Blackhole: large amounts of traffic are directed to be forwarded through<br />
one router that cannot handle the <strong>in</strong>creased level of traffic and drops<br />
many/most/all packets,<br />
• Loop<strong>in</strong>g: data traffic is forwarded along a route that loops, so that the<br />
data is never delivered (result<strong>in</strong>g <strong>in</strong> network congestion),<br />
A-16