A Survey of BGP Security Issues and Solutions
Kevin R. B. Butler,T.R. Farley,Patrick McDaniel,Jennifer Rexford +3 more
- 01 Jan 2010
- Vol. 98, Iss: 1, pp 100-122
TL;DR: This paper considers the current vulnerabilities of the interdomain routing system and surveys both research and standardization efforts relating to BGP security, exploring the limitations and advantages of proposed security extensions to B GP, and explaining why no solution has yet struck an adequate balance between comprehensive security and deployment cost.
read more
Abstract: As the Internet's de facto interdomain routing protocol, the Border Gateway Protocol (BGP) is the glue that holds the disparate parts of the Internet together. A major limitation of BGP is its failure to adequately address security. Recent high-profile outages and security analyses clearly indicate that the Internet routing infrastructure is highly vulnerable. Moreover, the design of BGP and the ubiquity of its deployment have frustrated past efforts at securing interdomain routing. This paper considers the current vulnerabilities of the interdomain routing system and surveys both research and standardization efforts relating to BGP security. We explore the limitations and advantages of proposed security extensions to BGP, and explain why no solution has yet struck an adequate balance between comprehensive security and deployment cost.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
A Systematic Compression Approach for Route Tables in a BGP Monitor
Wenping Deng,Peidong Zhu,Xicheng Lu,Kaiyu Cai +3 more
- 20 Sep 2006
TL;DR: A systematic approach for compression within and among route tables for BGP monitor's Database & Analyzer is proposed and can join all these tables together as well as facilitate joint time-domain analyzing on them.
2
Exploring the Benefit of Path Plausibility Algorithms in BGP
Nils Rodday,Gabi Dreo Rodosek,Aiko Pras,Roland van Rijswijk - Deij +3 more
- 06 May 2024
TL;DR: This work implements ASPA and AS-Cones in a simulation testbed and recommends to start deploying both algorithms in a top-down manner, starting with the AS with the highest connectivity.
2
Patent
Method for collecting routing information in a network
Detay Jean-Christophe
- 11 Apr 2012
TL;DR: In this paper, the authors proposed a method for collecting routing information in a network (CN), wherein the network comprises at least one first network node (GES1,..., GES5) and at least two second network nodes (RRH1, RRH8) and wherein the method comprising the steps of receiving routing information stored at the at least first network nodes for reaching the second node for network management purposes, if the routing information has been verified as consistent.
1
Path Plausibility Algorithms in GoBGP
Nils Höoger,Nils Rodday,Oliver Borchert,Gabi Dreo Rodosek +3 more
- 30 Oct 2023
TL;DR: This demo session presents the integration of two path plausibility algorithms, namely ASPA and AS-Cones, into the GoBGP routing daemon, and extends the NIST BGP-SRx software suite with the first implementation of AS- Cones.
1
Internet Development Versus Networking Modes
Shengming Jiang,Shengming Jiang +1 more
- 01 Jan 2012
TL;DR: Although there have been many changes in both the number and types of applications and users on the Internet, the networking modes, which collectively refer to the principle and methodology for networking, have remained almost intact.
1
References
New Directions in Cryptography
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
A method for obtaining digital signatures and public-key cryptosystems
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
A Method for Obtaining Digital Signatures and Public Key Cryptosystems (Formerly on Digital Signatures and Public Key Cryptosystems)
Ronald L. Rivest,Adi Shamir,Len Adelman +2 more
- 01 Jan 1977
TL;DR: In this paper, a message is encrypted by representing it as a number M, raising M to a publicly specified power e, and then taking the remainder when the result is divided by the publicly specified product, n, of two large secret prime numbers p and q.
8.2K
On the self-similar nature of Ethernet traffic (extended version)
TL;DR: It is demonstrated that Ethernet LAN traffic is statistically self-similar, that none of the commonly used traffic models is able to capture this fractal-like behavior, and that such behavior has serious implications for the design, control, and analysis of high-speed, cell-based networks.
Short Signatures from the Weil Pairing
Dan Boneh,Ben Lynn,Hovav Shacham +2 more
- 09 Dec 2001
TL;DR: A short signature scheme based on the Computational Diffie-Hellman assumption on certain elliptic and hyperelliptic curves is introduced, designed for systems where signatures are typed in by a human or signatures are sent over a low-bandwidth channel.
Related Papers (5)
Hitesh Ballani,Paul Francis,Xinyang Zhang +2 more
- 27 Aug 2007
Yih-Chun Hu,Adrian Perrig,Marvin A. Sirbu +2 more
- 30 Aug 2004
Matt Lepinski,Stephen Kent +1 more
- 01 Feb 2012
Ola Nordstrom,Constantinos Dovrolis +1 more
- 01 Apr 2004