Sensor-based intrusion detection for intra-domain distance-vector routing
Proceedings of the 9th ACM conference on Computer and communications security
Understanding BGP misconfiguration
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Secure traceroute to detect faulty or malicious routing
ACM SIGCOMM Computer Communication Review
Protecting BGP Routes to Top Level DNS Servers
ICDCS '03 Proceedings of the 23rd International Conference on Distributed Computing Systems
Rushing attacks and defense in wireless ad hoc network routing protocols
WiSe '03 Proceedings of the 2nd ACM workshop on Wireless security
Addressing reality: an architectural response to real-world demands on the evolving Internet
FDNA '03 Proceedings of the ACM SIGCOMM workshop on Future directions in network architecture
Origin authentication in interdomain routing
Proceedings of the 10th ACM conference on Computer and communications security
ACM SIGCOMM Computer Communication Review
SPV: secure path vector routing for securing BGP
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Reliable broadcast in unknown fixed-identity networks
Proceedings of the twenty-fourth annual ACM symposium on Principles of distributed computing
BGP-RCN: improving BGP convergence through root cause notification
Computer Networks and ISDN Systems
HLP: a next generation inter-domain routing protocol
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Modeling and Simulation in Security Evaluation
IEEE Security and Privacy
Aggregated path authentication for efficient BGP security
Proceedings of the 12th ACM conference on Computer and communications security
Identity-based registry for secure interdomain routing
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Modeling adoptability of secure BGP protocols
SIGMETRICS '06/Performance '06 Proceedings of the joint international conference on Measurement and modeling of computer systems
Efficient large-scale BGP simulations
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue: Network modelling and simulation
Modeling adoptability of secure BGP protocol
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Routing optimization security in mobile IPv6
Computer Networks: The International Journal of Computer and Telecommunications Networking
Optimizing BGP security by exploiting path stability
Proceedings of the 13th ACM conference on Computer and communications security
Origin authentication in interdomain routing
Computer Networks: The International Journal of Computer and Telecommunications Networking
Analysis of the SPV secure routing protocol: weaknesses and lessons
ACM SIGCOMM Computer Communication Review
Listen and whisper: security mechanisms for BGP
NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Theoretical bounds on control-plane self-monitoring in routing protocols
Proceedings of the 2007 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
On interdomain routing security and pretty secure BGP (psBGP)
ACM Transactions on Information and System Security (TISSEC)
Truth in advertising: lightweight verification of route integrity
Proceedings of the twenty-sixth annual ACM symposium on Principles of distributed computing
A study of prefix hijacking and interception in the internet
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
A light-weight distributed scheme for detecting ip prefix hijacks in real-time
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
A service-centric approach to access control and monitoring based on distributed trust
CASCON '07 Proceedings of the 2007 conference of the center for advanced studies on Collaborative research
ODSBR: An on-demand secure Byzantine resilient routing protocol for wireless ad hoc networks
ACM Transactions on Information and System Security (TISSEC)
Packet forwarding with source verification
Computer Networks: The International Journal of Computer and Telecommunications Networking
Practical defenses against BGP prefix hijacking
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Secure sensor network routing: a clean-slate approach
CoNEXT '06 Proceedings of the 2006 ACM CoNEXT conference
Large-scale testing of the Internet's Border Gateway Protocol (BGP) via topological scale-down
ACM Transactions on Modeling and Computer Simulation (TOMACS)
Consensus routing: the internet as a distributed system
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Securing user-controlled routing infrastructures
IEEE/ACM Transactions on Networking (TON)
Rationality and traffic attraction: incentives for honest path announcements in bgp
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Ispy: detecting ip prefix hijacking on my own
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Accountable internet protocol (aip)
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Autonomous security for autonomous systems
Computer Networks: The International Journal of Computer and Telecommunications Networking
Validation Algorithms for a Secure Internet Routing PKI
EuroPKI '08 Proceedings of the 5th European PKI workshop on Public Key Infrastructure: Theory and Practice
Cooperative Management Framework for Inter-domain Routing System
ATC '08 Proceedings of the 5th international conference on Autonomic and Trusted Computing
SEM: A Security Evaluation Model for Inter-domain Routing System in the Internet
IPOM '08 Proceedings of the 8th IEEE international workshop on IP Operations and Management
An economic mechanism for better Internet security
Decision Support Systems
Quantifying the operational status of the DNSSEC deployment
Proceedings of the 8th ACM SIGCOMM conference on Internet measurement
Asynchronous policy evaluation and enforcement
Proceedings of the 2nd ACM workshop on Computer security architectures
Symmetric Key Approaches to Securing BGP --- A Little Bit Trust Is Enough
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Fast autonomous system traceback
Journal of Network and Computer Applications
Certificate-based sequential aggregate signature
Proceedings of the second ACM conference on Wireless network security
A new certificateless aggregate signature scheme
Computer Communications
Universal forgery of the identity-based sequential aggregate signature scheme
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Probabilistic IP prefix authentication (PIPA) for prefix hijacking
CFI '09 Proceedings of the 4th International Conference on Future Internet Technologies
NetReview: detecting when interdomain routing goes wrong
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
ROFL: routing as the firewall layer
Proceedings of the 2008 workshop on New security paradigms
BGP-RCN: improving BGP convergence through root cause notification
Computer Networks: The International Journal of Computer and Telecommunications Networking
Securing data through avoidance routing
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Region-based BGP announcement filtering for improved BGP security
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Measures of self-similarity of BGP updates and implications for securing BGP
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
Aggregate and verifiably encrypted signatures from bilinear maps
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Analysis of BGP origin as changes among Brazil-related autonomous systems
IPOM'07 Proceedings of the 7th IEEE international conference on IP operations and management
Efficient sequential aggregate signed data
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Protocols and lower bounds for failure localization in the internet
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Sender access and data distribution control for inter-domain multicast groups
Computer Networks: The International Journal of Computer and Telecommunications Networking
Distributed Automatic Configuration of Complex IPsec-Infrastructures
Journal of Network and Systems Management
Safeguarding data delivery by decoupling path propagation and adoption
INFOCOM'10 Proceedings of the 29th conference on Information communications
How secure are secure interdomain routing protocols
Proceedings of the ACM SIGCOMM 2010 conference
An ID-based aggregate signature scheme with constant pairing computations
Journal of Systems and Software
Synchronized aggregate signatures: new definitions, constructions and applications
Proceedings of the 17th ACM conference on Computer and communications security
Keychain-based signatures for securing BGP
IEEE Journal on Selected Areas in Communications - Special issue title on scaling the internet routing system: an interim report
Enforcing security in semantics driven policy based networks
Computer Standards & Interfaces
A distributed reputation approach to cooperative internet routing protection
NPSEC'05 Proceedings of the First international conference on Secure network protocols
Analysis of BGP prefix origins during google's may 2005 outage
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
iSPY: detecting IP prefix hijacking on my own
IEEE/ACM Transactions on Networking (TON)
Enhancing the trust of internet routing with lightweight route attestation
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Bootstrapping accountability in the internet we have
Proceedings of the 8th USENIX conference on Networked systems design and implementation
An empirical study of behavioral characteristics of spammers: Findings and implications
Computer Communications
Let the market drive deployment: a strategy for transitioning to BGP security
Proceedings of the ACM SIGCOMM 2011 conference
Comparing ingress and egress detection to secure interdomain routing: An experimental analysis
ACM Transactions on Internet Technology (TOIT)
Proceedings of the 10th ACM Workshop on Hot Topics in Networks
Having your cake and eating it too: routing security with privacy protections
Proceedings of the 10th ACM Workshop on Hot Topics in Networks
Verifying and enforcing network paths with icing
Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies
Rule-Based anomaly detection of inter-domain routing system
APPT'05 Proceedings of the 6th international conference on Advanced Parallel Processing Technologies
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
An infrastructure supporting secure internet routing
EuroPKI 2006 Proceedings of the Third European conference on Public Key Infrastructure: theory and Practice
Fighting e-mail abuses: the EMPE approach
EuroPKI 2006 Proceedings of the Third European conference on Public Key Infrastructure: theory and Practice
Enhanced aggregate signatures from pairings
CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
An incremental approach to enhance the accuracy of internet routing
OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part II
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
Identity-Based aggregate signatures
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Sequential aggregate signatures and multisignatures without random oracles
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Abnormally malicious autonomous systems and their internet connectivity
IEEE/ACM Transactions on Networking (TON)
LOT: A Defense Against IP Spoofing and Flooding Attacks
ACM Transactions on Information and System Security (TISSEC)
BGP-inspired autonomic service routing for the cloud
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Anonymous overlay network supporting authenticated routing
Information Sciences: an International Journal
On the stability of interdomain routing
ACM Computing Surveys (CSUR)
Sign what you really care about --- secure BGP AS paths efficiently
IFIP'12 Proceedings of the 11th international IFIP TC 6 conference on Networking - Volume Part I
Private and verifiable interdomain routing decisions
Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication
A cascading failure model for interdomain routing system
International Journal of Communication Systems
Computational complexity of traffic hijacking under BGP and S-BGP
ICALP'12 Proceedings of the 39th international colloquium conference on Automata, Languages, and Programming - Volume Part II
Towards a framework for evaluating BGP security
CSET'12 Proceedings of the 5th USENIX conference on Cyber Security Experimentation and Test
Private and verifiable interdomain routing decisions
ACM SIGCOMM Computer Communication Review - Special october issue SIGCOMM '12
Provable security of S-BGP and other path vector protocols: model, analysis and extensions
Proceedings of the 2012 ACM conference on Computer and communications security
An efficient certificateless aggregate signature with constant pairing computations
Information Sciences: an International Journal
Outsourcing the routing control logic: better internet routing based on SDN principles
Proceedings of the 11th ACM Workshop on Hot Topics in Networks
Detecting prefix hijackings in the internet with argus
Proceedings of the 2012 ACM conference on Internet measurement conference
Concurrent prefix hijacks: occurrence and impacts
Proceedings of the 2012 ACM conference on Internet measurement conference
Architecture of the remote routing validation tool for BGP anomaly detection
Proceedings of the 2012 ACM Research in Applied Computation Symposium
Sequential aggregate signatures with lazy verification from trapdoor permutations
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Practical receipt authentication for branchless banking
Proceedings of the 3rd ACM Symposium on Computing for Development
Emulation on the internet prefix hijacking attack impaction
ICT-EurAsia'13 Proceedings of the 2013 international conference on Information and Communication Technology
A forensic case study on as hijacking: the attacker's perspective
ACM SIGCOMM Computer Communication Review
BGP security in partial deployment: is the juice worth the squeeze?
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
Sign what you really care about - Secure BGP AS-paths efficiently
Computer Networks: The International Journal of Computer and Telecommunications Networking
A Novel Robust Routing Scheme Against Rushing Attacks in Wireless Ad Hoc Networks
Wireless Personal Communications: An International Journal
The BGP monitoring and alarming system to detect and prevent anomaly IP prefix advertisement
Proceedings of the 2013 Research in Adaptive and Convergent Systems
On the risk of misbehaving RPKI authorities
Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks
The security appliance to BIRD software router
Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication
Journal of Network and Computer Applications
Hi-index | 0.07 |
The Border Gateway Protocol (BGP), which is used to distribute routing information between autonomous systems (ASes), is a critical component of the Internet's routing infrastructure. It is highly vulnerable to a variety of malicious attacks, due to the lack of a secure means of verifying the authenticity and legitimacy of BGP control traffic. This paper describes a secure, scalable, deployable architecture (S-BGP) for an authorization and authentication system that addresses most of the security problems associated with BGP. The paper discusses the vulnerabilities and security requirements associated with BGP, describes the S-BGP countermeasures, and explains how they address these vulnerabilities and requirements. In addition, this paper provides a comparison of this architecture to other approaches that have been proposed, analyzes the performance implications of the proposed countermeasures, and addresses operational issues