Delayed Internet routing convergence
IEEE/ACM Transactions on Networking (TON)
On inferring autonomous system relationships in the internet
IEEE/ACM Transactions on Networking (TON)
Understanding BGP misconfiguration
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Route flap damping exacerbates internet routing convergence
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Detection of Invalid Routing Announcement in the Internet
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Guidelines for interdomain traffic engineering
ACM SIGCOMM Computer Communication Review
SPV: secure path vector routing for securing BGP
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Hidden-action in multi-hop routing
Proceedings of the 6th ACM conference on Electronic commerce
Modeling adoptability of secure BGP protocol
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Listen and whisper: security mechanisms for BGP
NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Internet clean-slate design: what and why?
ACM SIGCOMM Computer Communication Review
A distributed reputation approach to cooperative internet routing protection
NPSEC'05 Proceedings of the First international conference on Secure network protocols
Secure Border Gateway Protocol (S-BGP)
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
The global economy and society increasingly depends on computer networks linked together by the Internet. The importance of computer networks reaches far beyond the telecommunications sector since they have become a critical factor for many other crucial infrastructures and markets. With threats mounting and security incidents becoming more frequent, concerns about network security grow. It is an acknowledged fact that some of the most fundamental network protocols that make the Internet work are exposed to serious threats. One of them is the Border Gateway Protocol (BGP) which determines how Internet traffic is routed through the topology of administratively independent networks that the Internet is comprised of. Despite the existence of a steadily growing number of BGP security proposals, to date none of them has been adopted. Using a precise definition of BGP robustness we experimentally show that the degree of robustness is distributed unequally across the administrative domains of the Internet, the so-called Autonomous Systems (ASes). The experiments confirm the intuition that the contribution ASes are able to make towards securing the correct working of the inter-domain routing infrastructure by deploying countermeasures against routing attacks differ depending on their position in the AS topology. We also show that the degree of this asymmetry can be controlled by the choice of the security strategy. We compare the strengths and weaknesses of two fundamentally different approaches in increasing BGP's robustness which we termed ingress and egress detection of false route advertisements and indicate their implications. Our quantitative results have important implications for Internet security policy, in particular with respect to the crucial question where to start the deployment of which type of security scheme in order to maximize the Internet's robustness to routing attacks.