An Attack Tree for the Border Gateway Protocol

Document Type Expired Internet-Draft (individual)
Author Sean Convery 
Last updated 2003-09-18 (latest revision 2003-01-07)
Stream (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This I-D presents all known attack vectors into or using BGP. The data is presented in 'Attack Tree' format as published by Schneier [1] and detailed by the CERT in 'Attack Modeling for Information Security and Survivability' [2]. Future security improvements to BGP (whether best practices or enhancements to the protocol) should consider the attacks outlined here when determining the relative security improvements such changes provide.


Sean Convery (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)