research-article

Perfect is the Enemy of Good: Setting Realistic Goals for BGP Security

Authors:

Haya ShulmanAuthors Info & Claims

HotNets '18: Proceedings of the 17th ACM Workshop on Hot Topics in Networks

Pages 57 - 63

https://doi.org/10.1145/3286062.3286071

Published: 15 November 2018 Publication History

Get Access

Supplementary Material

MP4 File (p57-hlavacek.mp4)

Download
1126.93 MB

References

[1]

The New Threat: Targeted Internet Traffic Misdirection. http://www.renesys.com/2013/11/mitm-internet-hijacking/.

Google Scholar

[2]

The CAIDA AS Relationships Dataset. http://www.caida.org/data/as-relationships/, Jan. 2016.

Google Scholar

[3]

M. Aertsen, M. Korczynski, G. C. M. Moura, S. Tajalizadehkhoob, and J. van den Berg. No domain left behind: is Let's Encrypt democratizing encryption? In ANRW, pages 48--54. ACM, 2017.

Digital Library

Google Scholar

[4]

H. Ballani, P. Francis, and X. Zhang. A study of prefix hijacking and interception in the Internet. In J. Murai and K. Cho, editors, SIGCOMM, pages 265--276. ACM, 2007.

Digital Library

Google Scholar

[5]

R. Barnesm, J. Hoffman-Andrews, and J. Kasten. Automatic certificate management environment (ACME). https://tools.ietf.org/html/draft-ietf-acme-acme-08, October 2017. Internet-Draft.

Google Scholar

[6]

L. Blunk, M. Karir, and C. Labovitz. Multi-threaded routing toolkit (mrt) routing information export format, October 2011. RFC6396.

Google Scholar

[7]

A. Cohen, Y. Gilad, A. Herzberg, and M. Schapira. One Hop for RPKI, One Giant Leap for BGP Security. In HotNets, pages 10:1--10:7. ACM, 2015.

Digital Library

Google Scholar

[8]

A. Cohen, Y. Gilad, A. Herzberg, and M. Schapira. One hop for rpki, one giant leap for bgp security. In J. de Oliveira, J. Smith, K. J. Argyraki, and P. Levis, editors, HotNets, pages 10:1--10:7. ACM, 2015.

Digital Library

Google Scholar

[9]

A. Cohen, Y. Gilad, A. Herzberg, and M. Schapira. Jumpstarting BGP Security with Path-End Validation. In SIGCOMM, pages 342--355. ACM, 2016.

Digital Library

Google Scholar

[10]

D. Cooper, E. Heilman, K. Brogle, L. Reyzin, and S. Goldberg. On the risk of misbehaving RPKI authorities. In HotNets, pages 16:1--16:7. ACM, 2013.

Digital Library

Google Scholar

[11]

J. Durand, I. Pepelnjak, and G. Doering. Bgp operations and security, February 2015. RFC7454.

Google Scholar

[12]

Y. Gilad, A. Cohen, A. Herzberg, M. Schapira, and H. Shulman. Are We There Yet? On RPKI's Deployment and Security. In NDSS, 2017.

Crossref

Google Scholar

[13]

Y. Gilad, S. Goldberg, K. Sriram, and J. Snijders. The Use of Maxlength in the RPKI. https://tools.ietf.org/html/draft-yossigi-rpkimaxlen-01, September 2017. Internet-Draft.

Google Scholar

[14]

Y. Gilad and A. Herzberg. Plug-and-Play IP Security: Anonymity Infrastructure instead of PKI. In ESORICS, pages 255--272. Springer, 2013.

Crossref

Google Scholar

[15]

Y. Gilad, O. Sagga, and S. Goldberg. Maxlength considered harmful to the RPKI. In CoNEXT, pages 101--107, 2017.

Digital Library

Google Scholar

[16]

P. Gill, M. Schapira, and S. Goldberg. Modeling on Quicksand: Dealing with the Scarcity of Ground Truth in Interdomain Routing Data. Computer Communication Review, 42(1):40--46, 2012.

Digital Library

Google Scholar

[17]

T. Hlavacek. ROV adoption rate measurement. https://2017.peeringdays.eu/file.php?id=16&n=23_7_cz.nic_hlavacek.pdf, March 2017. CEE Peering Days 2017.

Google Scholar

[18]

T. Hlavacek, A. Herzberg, H. Shulman, and M. Waidner. Practical experience: Methodologies for measuring route origin validation. In 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pages 634--641, June 2018.

Crossref

Google Scholar

[19]

D. Iamartino, C. Pelsser, and R. Bush. Measuring BGP Route Origin Registration and Validation. In PAM, volume 8995 of LNCS, pages 28--40. Springer, 2015.

Google Scholar

[20]

J. Karlin, S. Forrest, and J. Rexford. Pretty Good BGP: Improving BGP by Cautiously Adopting Routes. In ICNP, pages 290--299. IEEE Computer Society, 2006.

Digital Library

Google Scholar

[21]

M. Lepinski and S. Kent. An infrastructure to support secure internet routing, February 2012. RFC6480.

Google Scholar

[22]

M. Lepinski and K. Sriram. Bgpsec protocol specification, September 2017. RFC8205.

Google Scholar

[23]

R. Lychev, S. Goldberg, and M. Schapira. BGP Security in Partial Deployment: Is the Juice Worth the Squeeze? In SIGCOMM, pages 171--182. ACM, 2013.

Digital Library

Google Scholar

[24]

A. Manousis, R. Ragsdale, B. Draffin, A. Agrawal, and V. Sekar. Shedding Light on the Adoption of Let's Encrypt. CoRR, abs/1611.00469, 2016.

Google Scholar

[25]

NIST. RPKI Monitor. http://rpki-monitor.antd.nist.gov/, 2015.

Google Scholar

[26]

Y. Rekhter, T. Li, and S. Hares. A border gateway protocol 4 (bgp-4), January 2006. RFC4271.

Google Scholar

[27]

A. Reuter, R. Bush, Í. Cunha, E. Katz-Bassett, T. C. Schmidt, and M. Wählisch. Towards a rigorous methodology for measuring adoption of RPKI route validation and filtering. ACM Computer Communication Review, 2018.

Digital Library

Google Scholar

[28]

RIPE NCC. YouTube Hijacking: A RIPE NCC RIS case study, March 2008.

Google Scholar

[29]

J. Snijders. BGP Large Communities. SINOG 4, Ljubljana, Slovenia, May 2017.

Google Scholar

[30]

J. Snijders. Deprecation of bgp path attribute values 30, 31, 129, 241, 242, and 243, February 2017. RFC8093.

Google Scholar

[31]

L. Subramanian, V. Roth, I. Stoica, S. Shenker, and R. H. Katz. Listen and Whisper: Security Mechanisms for BGP. In NSDI, pages 127--140. USENIX, 2004.

Digital Library

Google Scholar

[32]

A. Toonk. Hijack Event Today by Indosat. http://www.bgpmon.net/hijack-event-today-by-indosat/.

Google Scholar

[33]

A. Toonk. Turkey Hijacking IP Addresses for Popular Global DNS Providers. BGPMon.

Google Scholar

[34]

P.-A. Vervier, O. Thonnard, and M. Dacier. Mind Your Blocks: On the Stealthiness of Malicious BGP Hijacks. In NDSS. The Internet Society, 2015.

Crossref

Google Scholar

[35]

M. Wählisch, O. Maennel, and T. C. Schmidt. Towards Detecting BGP Route Hijacking Using the RPKI. SIGCOMM Comput. Commun. Rev., 42(4):103--104, Aug. 2012.

Digital Library

Google Scholar

[36]

M. Wählisch, R. Schmidt, T. C. Schmidt, O. Maennel, S. Uhlig, and G. Tyson. RiPKI: The Tragic Story of RPKI Deployment in the Web Ecosystem. In Proc. of Fourteenth ACM Workshop on Hot Topics in Networks (HotNets), New York, 2015. ACM.

Digital Library

Google Scholar

[37]

R. White. Deployment Considerations for Secure Origin BGP (soBGP)., June 2003.

Google Scholar

Cited By

View all

Rodday NCunha ÍBush RKatz-Bassett ERodosek GSchmidt TWählisch M(2024)The Resource Public Key Infrastructure (RPKI): A Survey on Measurements and Future ProspectsIEEE Transactions on Network and Service Management10.1109/TNSM.2023.332745521:2(2353-2373)Online publication date: Apr-2024
https://doi.org/10.1109/TNSM.2023.3327455
Milolidakis ABühler TWang KChiesa MVanbever LVissicchio S(2023)On the Effectiveness of BGP Hijackers That Evade Public Route CollectorsIEEE Access10.1109/ACCESS.2023.326112811(31092-31124)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3261128
Raynor JCrnovrsanin TBartolomeo SSouth LSaffo DDunne C(2022)The State of the Art in BGP Visualization Tools: A Mapping of Visualization Techniques to Cyberattack TypesIEEE Transactions on Visualization and Computer Graphics10.1109/TVCG.2022.3209412(1-11)Online publication date: 2022
https://doi.org/10.1109/TVCG.2022.3209412
Show More Cited By

Recommendations

E-Government towards good governance: A global appraisal

This research paper is aimed to illustrate the roles of e-Government technology in modern management. It has discussed the contribution of the e-Government technology towards Good Governance in the selected developing and developed countries. It ...
The Path to Good E-Governance: A Study on Democratic E-Participation in China
ICEE '12: Proceedings of the 2012 3rd International Conference on E-Business and E-Government - Volume 02

Sustainable development of the democratic eparticipation has brought enormous pressure to China government. Therefore e-governance should accelerate the pace of reform to meet these changes. The goal of this article is trying to find the path to reach ...
An E-Government Approach for Bridging the Participation Gap in Achieving Participatory Good Governance

Electronic Government e-Government has been considered as an essential strategy for many governments in their efforts to ensure qualities of participatory good governance. Various e-Government applications have been recognised as effective methods of ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

HotNets '18: Proceedings of the 17th ACM Workshop on Hot Topics in Networks

November 2018

191 pages

ISBN:9781450361200

DOI:10.1145/3286062

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 November 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article
Research
Refereed limited

Conference

HotNets '18

Sponsor:

SIGCOMM

HotNets '18: The 17th ACM workshop on Hot Topics in Networks

November 15 - 16, 2018

WA, Redmond, USA

Acceptance Rates

Overall Acceptance Rate 110 of 460 submissions, 24%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
375
Total Downloads

Downloads (Last 12 months)29
Downloads (Last 6 weeks)3

Reflects downloads up to 01 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Rodday NCunha ÍBush RKatz-Bassett ERodosek GSchmidt TWählisch M(2024)The Resource Public Key Infrastructure (RPKI): A Survey on Measurements and Future ProspectsIEEE Transactions on Network and Service Management10.1109/TNSM.2023.332745521:2(2353-2373)Online publication date: Apr-2024
https://doi.org/10.1109/TNSM.2023.3327455
Milolidakis ABühler TWang KChiesa MVanbever LVissicchio S(2023)On the Effectiveness of BGP Hijackers That Evade Public Route CollectorsIEEE Access10.1109/ACCESS.2023.326112811(31092-31124)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3261128
Raynor JCrnovrsanin TBartolomeo SSouth LSaffo DDunne C(2022)The State of the Art in BGP Visualization Tools: A Mapping of Visualization Techniques to Cyberattack TypesIEEE Transactions on Visualization and Computer Graphics10.1109/TVCG.2022.3209412(1-11)Online publication date: 2022
https://doi.org/10.1109/TVCG.2022.3209412
Shapira TShavitt Y(2022)AP2Vec: An Unsupervised Approach for BGP Hijacking DetectionIEEE Transactions on Network and Service Management10.1109/TNSM.2022.316645019:3(2255-2268)Online publication date: Sep-2022
https://doi.org/10.1109/TNSM.2022.3166450
Testart CRichter PKing ADainotti AClark D(2019)Profiling BGP Serial HijackersProceedings of the Internet Measurement Conference10.1145/3355369.3355581(420-434)Online publication date: 21-Oct-2019
https://dl.acm.org/doi/10.1145/3355369.3355581

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

E-Government towards good governance: A global appraisal

The Path to Good E-Governance: A Study on Democratic E-Participation in China

An E-Government Approach for Bridging the Participation Gap in Achieving Participatory Good Governance