How to construct random functions
Journal of the ACM (JACM)
On-line/off-line digital signatures
CRYPTO '89 Proceedings on Advances in cryptology
Interconnections: bridges and routers
Interconnections: bridges and routers
Integration of security in network routing protocols
ACM SIGSAC Review
Integrating security in inter-domain routing protocols
ACM SIGCOMM Computer Communication Review
Protecting routing infrastructures from denial of service using cooperative intrusion detection
NSPW '97 Proceedings of the 1997 workshop on New security paradigms
A digital fountain approach to reliable distribution of bulk data
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
A compact and fast hybrid signature scheme for multicast packet authentication
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Security problems in the TCP/IP protocol suite
ACM SIGCOMM Computer Communication Review
FPGA '02 Proceedings of the 2002 ACM/SIGDA tenth international symposium on Field-programmable gate arrays
Handbook of Applied Cryptography
Handbook of Applied Cryptography
BGP4: Inter-Domain Routing in the Internet
BGP4: Inter-Domain Routing in the Internet
Understanding BGP misconfiguration
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Better than BiBa: Short One-Time Signatures with Fast Signing and Verifying
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A Digital Signature Based on a Conventional Encryption Function
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
A Concrete Security Treatment of Symmetric Encryption
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Reducing The Cost Of Security In Link-State Routing
SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
Securing Distance-Vector Routing Protocols
SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
An efficient message authentication scheme for link state routing
ACSAC '97 Proceedings of the 13th Annual Computer Security Applications Conference
ACM SIGCOMM Computer Communication Review
The sfra: a fixed frequency fpga architecture
The sfra: a fixed frequency fpga architecture
Listen and whisper: security mechanisms for BGP
NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Denial of service via algorithmic complexity attacks
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Secure Border Gateway Protocol (S-BGP)
IEEE Journal on Selected Areas in Communications
A framework for resilient Internet routing protocols
IEEE Network: The Magazine of Global Internetworking
HLP: a next generation inter-domain routing protocol
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Aggregated path authentication for efficient BGP security
Proceedings of the 12th ACM conference on Computer and communications security
Identity-based registry for secure interdomain routing
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Modeling adoptability of secure BGP protocols
SIGMETRICS '06/Performance '06 Proceedings of the joint international conference on Measurement and modeling of computer systems
Modeling adoptability of secure BGP protocol
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Optimizing BGP security by exploiting path stability
Proceedings of the 13th ACM conference on Computer and communications security
Origin authentication in interdomain routing
Computer Networks: The International Journal of Computer and Telecommunications Networking
Analysis of the SPV secure routing protocol: weaknesses and lessons
ACM SIGCOMM Computer Communication Review
Theoretical bounds on control-plane self-monitoring in routing protocols
Proceedings of the 2007 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
On interdomain routing security and pretty secure BGP (psBGP)
ACM Transactions on Information and System Security (TISSEC)
Achieving convergence-free routing using failure-carrying packets
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
A study of prefix hijacking and interception in the internet
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
A light-weight distributed scheme for detecting ip prefix hijacks in real-time
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Proceedings of the 14th ACM conference on Computer and communications security
Message Dropping Attacks in Overlay Networks: Attack Detection and Attacker Identification
ACM Transactions on Information and System Security (TISSEC)
Mitigating attacks against virtual coordinate based routing in wireless sensor networks
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Packet forwarding with source verification
Computer Networks: The International Journal of Computer and Telecommunications Networking
Practical defenses against BGP prefix hijacking
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Consensus routing: the internet as a distributed system
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Securing user-controlled routing infrastructures
IEEE/ACM Transactions on Networking (TON)
Ispy: detecting ip prefix hijacking on my own
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Inter-domain routing for mobile ad hoc networks
Proceedings of the 3rd international workshop on Mobility in the evolving internet architecture
An Operational Approach to Validate the Path of BGP
ICA3PP '08 Proceedings of the 8th international conference on Algorithms and Architectures for Parallel Processing
An economic mechanism for better Internet security
Decision Support Systems
Symmetric Key Approaches to Securing BGP --- A Little Bit Trust Is Enough
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
NetReview: detecting when interdomain routing goes wrong
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Routing with Byzantine robustness
Routing with Byzantine robustness
Region-based BGP announcement filtering for improved BGP security
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Secure and robust virtual coordinate system in wireless sensor networks
ACM Transactions on Sensor Networks (TOSN)
Stealthy IP prefix hijacking: don't bite off more than you can chew
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Safeguarding data delivery by decoupling path propagation and adoption
INFOCOM'10 Proceedings of the 29th conference on Information communications
Locating prefix hijackers using LOCK
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
StrobeLight: lightweight availability mapping and anomaly detection
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Keychain-based signatures for securing BGP
IEEE Journal on Selected Areas in Communications - Special issue title on scaling the internet routing system: an interim report
Robust Decentralized Virtual Coordinate Systems in Adversarial Environments
ACM Transactions on Information and System Security (TISSEC)
iSPY: detecting IP prefix hijacking on my own
IEEE/ACM Transactions on Networking (TON)
Enhancing the trust of internet routing with lightweight route attestation
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Bootstrapping accountability in the internet we have
Proceedings of the 8th USENIX conference on Networked systems design and implementation
CluB: a cluster based framework for mitigating distributed denial of service attacks
Proceedings of the 2011 ACM Symposium on Applied Computing
Comparing ingress and egress detection to secure interdomain routing: An experimental analysis
ACM Transactions on Internet Technology (TOIT)
Verifying and enforcing network paths with icing
Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Sign what you really care about --- secure BGP AS paths efficiently
IFIP'12 Proceedings of the 11th international IFIP TC 6 conference on Networking - Volume Part I
Provable security of S-BGP and other path vector protocols: model, analysis and extensions
Proceedings of the 2012 ACM conference on Computer and communications security
Architecture of the remote routing validation tool for BGP anomaly detection
Proceedings of the 2012 ACM Research in Applied Computation Symposium
Sign what you really care about - Secure BGP AS-paths efficiently
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
As our economy and critical infrastructure increasingly relies on the Internet, the insecurity of the underlying border gateway routing protocol (BGP) stands out as the Achilles heel. Recent misconfigurations and attacks have demonstrated the brittleness of BGP. Securing BGP has become a priority.In this paper, we focus on a viable deployment path to secure BGP. We analyze security requirements, and consider tradeoffs of mechanisms that achieve the requirements. In particular, we study how to secure BGP update messages against attacks. We design an efficient cryptographic mechanism that relies only on symmetric cryptographic primitives to guard an ASPATH from alteration, and propose the Secure Path Vector (SPV) protocol. In contrast to the previously proposed S-BGP protocol, SPV is around 22 times faster. With the current effort to secure BGP, we anticipate that SPV will contribute several alternative mechanisms to secure BGP, especially for the case of incremental deployments.