BGPFuzz: Automated Configuration Fuzzing of the Border Gateway Protocol
By: Chenlu Zhang, Amirmohammad Pasdar, Van-Thuan Pham
Telecommunications networks rely on configurations to define routing behavior, especially in the Border Gateway Protocol (BGP), where misconfigurations can lead to severe outages and security breaches, as demonstrated by the 2021 Facebook outage. Unlike existing approaches that rely on synthesis or verification, our work offers a cost-effective method for identifying misconfigurations resulting from BGP's inherent complexity or vendor-specific implementations. We present BGPFuzz, a structure-aware and stateful fuzzing framework that systematically mutates BGP configurations and evaluates their effects in virtualized network. Without requiring predefined correctness properties as in static analysis, BGPFuzz detects anomalies through runtime oracles that capture practical symptoms such as session resets, blackholing, and traffic redirection. Our experiments show that BGPFuzz can reliably reproduce and detect known failures, including max-prefix violations and sub-prefix hijacks.
Similar Papers
PBFuzz: Agentic Directed Fuzzing for PoV Generation
Cryptography and Security
Finds software bugs much faster than before.
Intelligent Graybox Fuzzing via ATPG-Guided Seed Generation and Submodule Analysis
Cryptography and Security
Finds hardware bugs faster by testing smart.
Is Crunching Public Data the Right Approach to Detect BGP Hijacks?
Cryptography and Security
Makes internet routing safer from sneaky attacks.