An Attack Tree for the Border Gateway Protocol

Document Type Expired Internet-Draft (rpsec WG)
Author Sean Convery 
Last updated 2004-04-05
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Expired & archived
plain text pdf htmlized bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This I-D presents all known attack vectors into or using BGP. The data is presented in "Attack Tree" format as published by Schneier [ATTACKTREE] and detailed by the CERT in "Attack Modeling for Information Security and Survivability" [MODELING]. Future security improvements to BGP (whether best practices or enhancements to the protocol) should consider the attacks outlined here when determining the relative security improvements such changes provide.


Sean Convery (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)