U research exposes Web threat

Researchers hope their data will lead to changes in communications.

by Cali Owings

Internet security researchers from the University of MinnesotaâÄôs College of Science and Engineering have found a flaw in routers that could make the entire Internet vulnerable to attack.

Using a botnet, a large network of externally controlled computers, the researchers simulated an attack that, if used by an adversary, could disrupt routing for the Internet as a whole, said Max Schuchard, one of the graduate research assistants who developed the attack.

The Internet relies on routers that allow computers to communicate with each other. The attack causes routers to disconnect by overwhelming them with guarding updates. It relies on oversubscribing routers âÄî bombarding them simultaneously with more information than they can handle.

But the researchersâÄô data doesnâÄôt mean the Internet will be desolated anytime soon.

âÄúItâÄôs an incredibly sexy title to say that someone has come up with the doomsday weapon for the Internet,âÄù Schuchard said, âÄúThatâÄôs not what this is. ItâÄôs an attack that we think would work in principle, but we couldnâÄôt launch this tomorrow or next week.âÄù

Instead, they are hoping this development will invalidate many of the dangerous assumptions telecommunications companies make about the amount of information routers can handle.

The solution to this type of attack is simple but not as readily available as they would like, Schuchard said.

Routers utilize a device called a line card to process this type of information, and Schuchard said line cards that can function correctly under this type of attack are expensive. Line cards are currently developed to handle an average amount of information.

Schuchard said this attack should be a âÄúgiant red flagâÄù to encourage telecommunications companies to strengthen their equipment.