Organically Assured Routing System (OARS) for Airbourne Networks

An assured routing system for the Airborne Network (AN) is needed for protecting the routing function from security attacks that could disrupt the operation of the network or compromise sensitive information about network operations. Subversion of the network routing function by attackers could be catastrophic for mission-critical applications running on the AN. This is because security attacks on the routing function could propagate misinformation within the routing tables resulting in misrouting of data packets in the network and consequent application failure. ATCorp's Organically Assured Routing System (OARS) implements an attack-resistant routing infrastructure for the AN environment.

OARS is designed to defend the AN against two major kinds of security threats, i.e., malicious outsider nodes and compromised insider nodes.

1. Malicious Outsider Nodes: These are defined as nodes that are not authorized members of the AN. OARS will implement countermeasures against two major security threats posed by them, i.e., 1) eavesdropping or snooping on the routing protocol messages (i.e., control plane messages) exchanged between legitimate members of the AN to obtain sensitive information about the network routing topology and policies; and 2) masquerading as a legitimate member of the AN (i.e., spoofing) to join the network and to disrupt the routing function by spreading misinformation.
2. Compromised Insider Nodes: These are authorized or legitimate members of the AN whose control plane routing functions have been compromised or subverted. OARS will provide countermeasures against two types of security threats posed by such nodes, i.e., 1) falsification of the routing information exchanged with other routers with the aim of disrupting the network routing services; and 2) exfiltration of sensitive network information (e.g., network membership and topology) from a compromised router. The threat posed by compromised insider nodes is a serious concern for the AN since it expects to employ commercial-grade routers (e.g.., Cisco, Juniper) in parts of the network. Because commercial routers may not have been developed to the same level of assurance requirements as military-grade routers (e.g., emerging software defined military radios) they may contain exploits and malicious software that could harm network routing operations.

The OARS approach for protecting the AN from malicious outsiders as well as compromised insiders addresses a key capability gap in AN routing security that exists today and represents a significant advancement in the state-of-the-art.

The development of OARS is funded by the Air Force Research Laboratory (AFRL) at Rome, New York.