Elliptic curves in cryptography
Elliptic curves in cryptography
Stable internet routing without global coordination
IEEE/ACM Transactions on Networking (TON)
An analysis of BGP multiple origin AS (MOAS) conflicts
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Understanding BGP misconfiguration
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
SEAD: Secure Efficient Distance Vector Routing for Mobile Wireless Ad Hoc Networks
WMCSA '02 Proceedings of the Fourth IEEE Workshop on Mobile Computing Systems and Applications
Towards an accurate AS-level traceroute tool
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Compliance defects in public-key cryptography
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
A new paradigm for collision-free hashing: incrementality at reduced cost
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Secure Border Gateway Protocol (S-BGP)
IEEE Journal on Selected Areas in Communications
ACM SIGCOMM Computer Communication Review
SPV: secure path vector routing for securing BGP
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
The case for separating routing from routers
Proceedings of the ACM SIGCOMM workshop on Future directions in network architecture
Reliable broadcast in unknown fixed-identity networks
Proceedings of the twenty-fourth annual ACM symposium on Principles of distributed computing
HLP: a next generation inter-domain routing protocol
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Aggregated path authentication for efficient BGP security
Proceedings of the 12th ACM conference on Computer and communications security
Identity-based registry for secure interdomain routing
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Modeling adoptability of secure BGP protocols
SIGMETRICS '06/Performance '06 Proceedings of the joint international conference on Measurement and modeling of computer systems
Detecting and Isolating Malicious Routers
IEEE Transactions on Dependable and Secure Computing
Modeling adoptability of secure BGP protocol
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
A BGP attack against traffic engineering
WSC '04 Proceedings of the 36th conference on Winter simulation
Optimizing BGP security by exploiting path stability
Proceedings of the 13th ACM conference on Computer and communications security
Origin authentication in interdomain routing
Computer Networks: The International Journal of Computer and Telecommunications Networking
Analysis of the SPV secure routing protocol: weaknesses and lessons
ACM SIGCOMM Computer Communication Review
Theoretical bounds on control-plane self-monitoring in routing protocols
Proceedings of the 2007 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
On interdomain routing security and pretty secure BGP (psBGP)
ACM Transactions on Information and System Security (TISSEC)
Truth in advertising: lightweight verification of route integrity
Proceedings of the twenty-sixth annual ACM symposium on Principles of distributed computing
A study of prefix hijacking and interception in the internet
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
A light-weight distributed scheme for detecting ip prefix hijacks in real-time
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Message Dropping Attacks in Overlay Networks: Attack Detection and Attacker Identification
ACM Transactions on Information and System Security (TISSEC)
Packet forwarding with source verification
Computer Networks: The International Journal of Computer and Telecommunications Networking
Practical defenses against BGP prefix hijacking
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Path-quality monitoring in the presence of adversaries
SIGMETRICS '08 Proceedings of the 2008 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Consensus routing: the internet as a distributed system
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Securing user-controlled routing infrastructures
IEEE/ACM Transactions on Networking (TON)
Rationality and traffic attraction: incentives for honest path announcements in bgp
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Ispy: detecting ip prefix hijacking on my own
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Autonomous security for autonomous systems
Computer Networks: The International Journal of Computer and Telecommunications Networking
Application of a Massively Multi-Agent System to Internet Routing Management
Massively Multi-Agent Technology
Diagnosis of IP-Service Anomalies Based on BGP-Update Temporal Analysis
IPOM '08 Proceedings of the 8th IEEE international workshop on IP Operations and Management
SEM: A Security Evaluation Model for Inter-domain Routing System in the Internet
IPOM '08 Proceedings of the 8th IEEE international workshop on IP Operations and Management
Symmetric Key Approaches to Securing BGP --- A Little Bit Trust Is Enough
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
CSET'08 Proceedings of the conference on Cyber security experimentation and test
Lisp-based agent platform and applications for inter-domain network management
Proceedings of the 2007 International Lisp Conference
Protocols and lower bounds for failure localization in the internet
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Stealthy IP prefix hijacking: don't bite off more than you can chew
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Locating prefix hijackers using LOCK
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
StrobeLight: lightweight availability mapping and anomaly detection
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Keychain-based signatures for securing BGP
IEEE Journal on Selected Areas in Communications - Special issue title on scaling the internet routing system: an interim report
A distributed reputation approach to cooperative internet routing protection
NPSEC'05 Proceedings of the First international conference on Secure network protocols
iSPY: detecting IP prefix hijacking on my own
IEEE/ACM Transactions on Networking (TON)
Enhancing the trust of internet routing with lightweight route attestation
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Comparing ingress and egress detection to secure interdomain routing: An experimental analysis
ACM Transactions on Internet Technology (TOIT)
COPS: quality of service vs. any service at all
IWQoS'05 Proceedings of the 13th international conference on Quality of Service
Detection and diagnosis of Inter-AS routing anomalies by cooperative intelligent agents
DSOM'05 Proceedings of the 16th IFIP/IEEE Ambient Networks international conference on Distributed Systems: operations and Management
Sign what you really care about --- secure BGP AS paths efficiently
IFIP'12 Proceedings of the 11th international IFIP TC 6 conference on Networking - Volume Part I
Provable security of S-BGP and other path vector protocols: model, analysis and extensions
Proceedings of the 2012 ACM conference on Computer and communications security
Detecting prefix hijackings in the internet with argus
Proceedings of the 2012 ACM conference on Internet measurement conference
Concurrent prefix hijacks: occurrence and impacts
Proceedings of the 2012 ACM conference on Internet measurement conference
Emulation on the internet prefix hijacking attack impaction
ICT-EurAsia'13 Proceedings of the 2013 international conference on Information and Communication Technology
Sign what you really care about - Secure BGP AS-paths efficiently
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
BGP, the current inter-domain routing protocol, assumes that the routing information propagated by authenticated routers is correct. This assumption renders the current infrastructure vulnerable to both accidental misconfigurations and deliberate attacks. To reduce this vulnerability, we present a combination of two mechanisms: Listen and Whisper. Listen passively probes the data plane and checks whether the underlying routes to different destinations work. Whisper uses cryptographic functions along with routing redundancy to detect bogus route advertisements in the control plane. These mechanisms are easily deployable, and do not rely on either a public key infrastructure or a central authority like ICANN. The combination of Listen and Whisper eliminates a large number of problems due to router misconfigurations, and restricts (though not eliminates) the damage that deliberate attackers can cause. Moreover, these mechanisms can detect and contain isolated adversaries that propagate even a few invalid route announcements. Colluding adversaries pose a more stringent challenge, and we propose simple changes to the BGP policy mechanism to limit the damage colluding adversaries can cause. We demonstrate the utility of Listen and Whisper through real-world deployment, measurements and empirical analysis. For example, a randomly placed isolated adversary, in the worst case can affect reachability to only 1% of the nodes.