On power-law relationships of the Internet topology
Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
An analysis of BGP multiple origin AS (MOAS) conflicts
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
BGP4: Inter-Domain Routing in the Internet
BGP4: Inter-Domain Routing in the Internet
Understanding BGP misconfiguration
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
BGP routing stability of popular destinations
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Fast Digital Identity Revocation (Extended Abstract)
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
An efficient message authentication scheme for link state routing
ACSAC '97 Proceedings of the 13th Annual Computer Security Applications Conference
Random Evolution in Massive Graphs
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Efficient Certificate Revocation
Efficient Certificate Revocation
Certificate revocation and certificate update
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Secure Border Gateway Protocol (S-BGP)
IEEE Journal on Selected Areas in Communications
The case for separating routing from routers
Proceedings of the ACM SIGCOMM workshop on Future directions in network architecture
An internet routing forensics framework for discovering rules of abnormal BGP events
ACM SIGCOMM Computer Communication Review
Aggregated path authentication for efficient BGP security
Proceedings of the 12th ACM conference on Computer and communications security
Experimental analysis of attacks against intradomain routing protocols
Journal of Computer Security
Modeling adoptability of secure BGP protocol
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Optimizing BGP security by exploiting path stability
Proceedings of the 13th ACM conference on Computer and communications security
Theoretical bounds on control-plane self-monitoring in routing protocols
Proceedings of the 2007 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
On interdomain routing security and pretty secure BGP (psBGP)
ACM Transactions on Information and System Security (TISSEC)
A study of prefix hijacking and interception in the internet
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
A light-weight distributed scheme for detecting ip prefix hijacks in real-time
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
TARP: Ticket-based address resolution protocol
Computer Networks: The International Journal of Computer and Telecommunications Networking
Proceedings of the 14th ACM conference on Computer and communications security
Universal forgery of the identity-based sequential aggregate signature scheme
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Locating prefix hijackers using LOCK
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
StrobeLight: lightweight availability mapping and anomaly detection
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Keychain-based signatures for securing BGP
IEEE Journal on Selected Areas in Communications - Special issue title on scaling the internet routing system: an interim report
Enhancing the trust of internet routing with lightweight route attestation
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Verifying and enforcing network paths with icing
Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies
Cooperative security management enhancing survivability against DDoS attacks
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and its Applications - Volume Part I
LOT: A Defense Against IP Spoofing and Flooding Attacks
ACM Transactions on Information and System Security (TISSEC)
Provable security of S-BGP and other path vector protocols: model, analysis and extensions
Proceedings of the 2012 ACM conference on Computer and communications security
Sign what you really care about - Secure BGP AS-paths efficiently
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
Attacks against Internet routing are increasing in number and severity. Contributing greatly to these attacks is the absence of origin authentication: there is no way to validate claims of address ownership or location. The lack of such services enables not only attacks by malicious entities, but indirectly allow seemingly inconsequential miconfigurations to disrupt large portions of the Internet. This paper considers the semantics, design, and costs of origin authentication in interdomain routing. We formalize the semantics of address delegation and use on the Internet, and develop and characterize broad classes of origin authentication proof systems. We estimate the address delegation graph representing the current use of IPv4 address space using available routing data. This effort reveals that current address delegation is dense and relatively static: as few as 16 entities perform 80% of the delegation on the Internet. We conclude by evaluating the proposed services via traced based simulation. Our simulation shows the enhanced proof systems can reduce significantly reduce resource costs associated with origin authentication.