Hierarchical packet fair queueing algorithms
IEEE/ACM Transactions on Networking (TON)
SPV: secure path vector routing for securing BGP
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
A DoS-limiting network architecture
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Modeling adoptability of secure BGP protocol
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Origin authentication in interdomain routing
Computer Networks: The International Journal of Computer and Telecommunications Networking
Designing extensible IP router software
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
Strong accountability for network storage
ACM Transactions on Storage (TOS)
PeerReview: practical accountability for distributed systems
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
AS-based accountability as a cost-effective DDoS defense
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
Passport: secure and adoptable source authentication
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
To filter or to authorize: network-layer DoS defense against multimillion-node botnets
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Accountable internet protocol (aip)
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Quantifying the operational status of the DNSSEC deployment
Proceedings of the 8th ACM SIGCOMM conference on Internet measurement
Proceedings of the ACM SIGCOMM 2010 conference
NetFence: preventing internet denial of service from inside out
Proceedings of the ACM SIGCOMM 2010 conference
Secure Border Gateway Protocol (S-BGP)
IEEE Journal on Selected Areas in Communications
Free-riding and whitewashing in peer-to-peer systems
IEEE Journal on Selected Areas in Communications
The great IPv4 land grab: resource certification for the IPv4 grey market
Proceedings of the 10th ACM Workshop on Hot Topics in Networks
ASAP: a low-latency transport layer
Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies
Verifying and enforcing network paths with icing
Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
Lack of accountability makes the Internet vulnerable to numerous attacks, including prefix hijacking, route forgery, source address spoofing, and DoS flooding attacks. This paper aims to bring accountability to the Internet with low-cost and deployable enhancements. We present IPA, a design that uses the readily available top-level DNSSEC infrastructure and BGP to bootstrap accountability. We show how IPA enables a suite of security modules that can combat various network-layer attacks. Our evaluation shows that IPA introduces modest overhead and is gradually deployable. We also discuss how the design incentivizes early adoption.