IDEAS home Printed from https://ideas.repec.org/a/eee/ijocip/v2y2009i4p146-153.html
   My bibliography  Save this article

Analysis of security threats to MPLS virtual private networks

Author

Listed:
  • Grayson, Denise
  • Guernsey, Daniel
  • Butts, Jonathan
  • Spainhower, Michael
  • Shenoi, Sujeet

Abstract

Multiprotocol label switching (MPLS) based virtual private networking is one of the fastest-growing network technologies. It provides corporate and government customers with flexible, inexpensive “autobahns” that seamlessly connect multiple, geographically-dispersed sites, enabling voice, video, data and other high-bandwidth applications. The technology is also attractive to service providers because it enables them to flexibly provision resources for a variety of classes of service and applications with excellent quality of service at low cost. This paper analyzes the principal security threats to MPLS virtual private networks (VPNs). Because BGP is crucial to implementing MPLS VPNs, special attention is directed at the protocol and its multiprotocol extensions. This paper describes three classes of exploits on MPLS VPNs: route modification, traffic injection and denial-of-service attacks. It also discusses mitigation strategies that can be implemented by service providers and MPLS VPN customers.

Suggested Citation

  • Grayson, Denise & Guernsey, Daniel & Butts, Jonathan & Spainhower, Michael & Shenoi, Sujeet, 2009. "Analysis of security threats to MPLS virtual private networks," International Journal of Critical Infrastructure Protection, Elsevier, vol. 2(4), pages 146-153.
  • Handle: RePEc:eee:ijocip:v:2:y:2009:i:4:p:146-153
    DOI: 10.1016/j.ijcip.2009.08.002
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1874548209000237
    Download Restriction: Full text for ScienceDirect subscribers only

    File URL: https://libkey.io/10.1016/j.ijcip.2009.08.002?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Spainhower, Michael & Butts, Jonathan & Guernsey, Daniel & Shenoi, Sujeet, 2008. "Security analysis of RSVP-TE signaling in MPLS networks," International Journal of Critical Infrastructure Protection, Elsevier, vol. 1(C), pages 68-74.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. McCallie, Donald & Butts, Jonathan & Mills, Robert, 2011. "Security analysis of the ADS-B implementation in the next generation air transportation system," International Journal of Critical Infrastructure Protection, Elsevier, vol. 4(2), pages 78-87.
    2. Ayoub Bahnasse & Mohamed Talea & Abdelmajid Badri & Fatima Ezzahraa Louhab & Sara Laafar, 2020. "Smart hybrid SDN approach for MPLS VPN management on digital environment," Telecommunication Systems: Modelling, Analysis, Design and Management, Springer, vol. 73(2), pages 155-169, February.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. McCallie, Donald & Butts, Jonathan & Mills, Robert, 2011. "Security analysis of the ADS-B implementation in the next generation air transportation system," International Journal of Critical Infrastructure Protection, Elsevier, vol. 4(2), pages 78-87.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijocip:v:2:y:2009:i:4:p:146-153. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-critical-infrastructure-protection .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.