A Survey of BGP Security Issues and Solutions
Kevin R. B. Butler,T.R. Farley,Patrick McDaniel,Jennifer Rexford +3 more
- 01 Jan 2010
- Vol. 98, Iss: 1, pp 100-122
TL;DR: This paper considers the current vulnerabilities of the interdomain routing system and surveys both research and standardization efforts relating to BGP security, exploring the limitations and advantages of proposed security extensions to B GP, and explaining why no solution has yet struck an adequate balance between comprehensive security and deployment cost.
read more
Abstract: As the Internet's de facto interdomain routing protocol, the Border Gateway Protocol (BGP) is the glue that holds the disparate parts of the Internet together. A major limitation of BGP is its failure to adequately address security. Recent high-profile outages and security analyses clearly indicate that the Internet routing infrastructure is highly vulnerable. Moreover, the design of BGP and the ubiquity of its deployment have frustrated past efforts at securing interdomain routing. This paper considers the current vulnerabilities of the interdomain routing system and surveys both research and standardization efforts relating to BGP security. We explore the limitations and advantages of proposed security extensions to BGP, and explain why no solution has yet struck an adequate balance between comprehensive security and deployment cost.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Comparing ingress and egress detection to secure interdomain routing: An experimental analysis
TL;DR: The experiments confirm the intuition that the contribution ASes are able to make towards securing the correct working of the inter-domain routing infrastructure by deploying countermeasures against routing attacks differ depending on their position in the AS topology and show that the degree of this asymmetry can be controlled by the choice of the security strategy.
5
Through the looking-glass, and what eve found there
Luca Bruno,Mariano Graziano,Davide Balzarotti,Aurélien Francillon +3 more
- 19 Aug 2014
TL;DR: It is shown how even an attacker with very limited resources can exploit such flaws in operators' networks and gain access to core Internet infrastructure, with severe implications for the security of the Internet.
Relieve Internet Routing Security of Public Key Infrastructure
Luigi V. Mancini,Angelo Spognardi,Claudio Soriente,Antonio Villani,Domenico Vitali +4 more
- 31 Aug 2012
TL;DR: al. as mentioned in this paper proposed reBGP, an enhanced version of BGP that leverages identity based cryptography to secure BGP with minimal overhead, which prevents prefix hijacking and false route announcement through aggregate identity based signatures and provides an effective revocation means to invalidate AS-path announcements.
5
Network-Layer Accountability Protocols: A Survey
TL;DR: A network-layer accountability framework is proposed and a taxonomy of network- layer accountability protocols according to accountability granularity is presented and compared and their pros and cons mainly from accountability function, deployability, and security are discussed.
5
Identifying malicious behavior in MANET through data path information
Danai Chasaki
- 10 Apr 2014
TL;DR: This paper proposes a novel algorithm to accomplish connectivity tracking based on a space-efficient Bloom filter data structure and the use of aggregate signatures and presents simulation results on a real network trace that show the effectiveness of the design.
5
References
New Directions in Cryptography
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
A method for obtaining digital signatures and public-key cryptosystems
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
A Method for Obtaining Digital Signatures and Public Key Cryptosystems (Formerly on Digital Signatures and Public Key Cryptosystems)
Ronald L. Rivest,Adi Shamir,Len Adelman +2 more
- 01 Jan 1977
TL;DR: In this paper, a message is encrypted by representing it as a number M, raising M to a publicly specified power e, and then taking the remainder when the result is divided by the publicly specified product, n, of two large secret prime numbers p and q.
8.2K
On the self-similar nature of Ethernet traffic (extended version)
TL;DR: It is demonstrated that Ethernet LAN traffic is statistically self-similar, that none of the commonly used traffic models is able to capture this fractal-like behavior, and that such behavior has serious implications for the design, control, and analysis of high-speed, cell-based networks.
Short Signatures from the Weil Pairing
Dan Boneh,Ben Lynn,Hovav Shacham +2 more
- 09 Dec 2001
TL;DR: A short signature scheme based on the Computational Diffie-Hellman assumption on certain elliptic and hyperelliptic curves is introduced, designed for systems where signatures are typed in by a human or signatures are sent over a low-bandwidth channel.
Related Papers (5)
Hitesh Ballani,Paul Francis,Xinyang Zhang +2 more
- 27 Aug 2007
Yih-Chun Hu,Adrian Perrig,Marvin A. Sirbu +2 more
- 30 Aug 2004
Matt Lepinski,Stephen Kent +1 more
- 01 Feb 2012
Ola Nordstrom,Constantinos Dovrolis +1 more
- 01 Apr 2004