18,496 research outputs found
BGP Security in Partial Deployment: Is the Juice Worth the Squeeze?
As the rollout of secure route origin authentication with the RPKI slowly
gains traction among network operators, there is a push to standardize secure
path validation for BGP (i.e., S*BGP: S-BGP, soBGP, BGPSEC, etc.). Origin
authentication already does much to improve routing security. Moreover, the
transition to S*BGP is expected to be long and slow, with S*BGP coexisting in
"partial deployment" alongside BGP for a long time. We therefore use
theoretical and experimental approach to study the security benefits provided
by partially-deployed S*BGP, vis-a-vis those already provided by origin
authentication. Because routing policies have a profound impact on routing
security, we use a survey of 100 network operators to find the policies that
are likely to be most popular during partial S*BGP deployment. We find that
S*BGP provides only meagre benefits over origin authentication when these
popular policies are used. We also study the security benefits of other routing
policies, provide prescriptive guidelines for partially-deployed S*BGP, and
show how interactions between S*BGP and BGP can introduce new vulnerabilities
into the routing system
CAIR: Using Formal Languages to Study Routing, Leaking, and Interception in BGP
The Internet routing protocol BGP expresses topological reachability and
policy-based decisions simultaneously in path vectors. A complete view on the
Internet backbone routing is given by the collection of all valid routes, which
is infeasible to obtain due to information hiding of BGP, the lack of
omnipresent collection points, and data complexity. Commonly, graph-based data
models are used to represent the Internet topology from a given set of BGP
routing tables but fall short of explaining policy contexts. As a consequence,
routing anomalies such as route leaks and interception attacks cannot be
explained with graphs.
In this paper, we use formal languages to represent the global routing system
in a rigorous model. Our CAIR framework translates BGP announcements into a
finite route language that allows for the incremental construction of minimal
route automata. CAIR preserves route diversity, is highly efficient, and
well-suited to monitor BGP path changes in real-time. We formally derive
implementable search patterns for route leaks and interception attacks. In
contrast to the state-of-the-art, we can detect these incidents. In practical
experiments, we analyze public BGP data over the last seven years
- …