A Survey of BGP Security Issues and Solutions
Kevin R. B. Butler,T.R. Farley,Patrick McDaniel,Jennifer Rexford +3 more
- 01 Jan 2010
- Vol. 98, Iss: 1, pp 100-122
TL;DR: This paper considers the current vulnerabilities of the interdomain routing system and surveys both research and standardization efforts relating to BGP security, exploring the limitations and advantages of proposed security extensions to B GP, and explaining why no solution has yet struck an adequate balance between comprehensive security and deployment cost.
read more
Abstract: As the Internet's de facto interdomain routing protocol, the Border Gateway Protocol (BGP) is the glue that holds the disparate parts of the Internet together. A major limitation of BGP is its failure to adequately address security. Recent high-profile outages and security analyses clearly indicate that the Internet routing infrastructure is highly vulnerable. Moreover, the design of BGP and the ubiquity of its deployment have frustrated past efforts at securing interdomain routing. This paper considers the current vulnerabilities of the interdomain routing system and surveys both research and standardization efforts relating to BGP security. We explore the limitations and advantages of proposed security extensions to BGP, and explain why no solution has yet struck an adequate balance between comprehensive security and deployment cost.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Efficient BGP Intrusion Detection Model Using Machine Learning: A Comparative Study with AdaBoost as the Optimal Classifier
Manaf Abdoun,Mouhcine Guennoun,Amine Amar,Tarek Saad,Mostafa Taha +4 more
- 24 Sep 2023
TL;DR: Evaluating multiple machine learning models for detecting BGP anomalies and comprehensively analyzes their effectiveness reveals that AdaBoost achieves an impressive accuracy of 97.22%, making it the optimal choice for BGP anomaly detection.
1
Use of Distributed Trustworthy Node to Secure AS_PATH
Lingjing Kong,Huaxin Zeng +1 more
- 02 Nov 2012
TL;DR: This paper proposes a method of secure AS_PATH - SAP, which can simplify route validation process, reduce the computational overhead and storage, and comparison of these two methods is given.
1
KEDS: Decentralised Network Security for the Smart Home Environment
Justin King-Lacroix,Andrew P. Martin +1 more
- 26 Feb 2014
TL;DR: The increasingly wide deployment of smart grid technologies in the home has resulted in home automation networks becoming multi-stakeholder, with the number of stakeholders increasing over time.
1
The hidden mailman and his mailbag: Routing path analysis from a European perspective
Josef Gustafsson,Rahul Hiran,Vengatanathan Krishnamoorthi,Niklas Carlsson +3 more
- 01 May 2017
TL;DR: This work describes the role played by North American ASes along the paths of typical Internet packets between European example clients and the most popular web domains and glean insights into how vulnerable the detoured traffic is to man-in-the-middle attacks compared to regular traffic.
DSA-NIE: Double Static Attributes Based Node Importance Evaluation of Inter-Domain Routing System
Huihu Zhu,Han Qiu,Junhu Zhu,Qingxian Wang +3 more
- 01 Dec 2019
TL;DR: The relationship between static structural attributes and dynamic attributes after node failure is analyzed and it is found that the degree can indirectly reflect the impact of the UPDATE packet propagation and the number of routing paths can reflect theimpact caused by load redistribution.
1
References
New Directions in Cryptography
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
A method for obtaining digital signatures and public-key cryptosystems
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
A Method for Obtaining Digital Signatures and Public Key Cryptosystems (Formerly on Digital Signatures and Public Key Cryptosystems)
Ronald L. Rivest,Adi Shamir,Len Adelman +2 more
- 01 Jan 1977
TL;DR: In this paper, a message is encrypted by representing it as a number M, raising M to a publicly specified power e, and then taking the remainder when the result is divided by the publicly specified product, n, of two large secret prime numbers p and q.
8.2K
On the self-similar nature of Ethernet traffic (extended version)
TL;DR: It is demonstrated that Ethernet LAN traffic is statistically self-similar, that none of the commonly used traffic models is able to capture this fractal-like behavior, and that such behavior has serious implications for the design, control, and analysis of high-speed, cell-based networks.
Short Signatures from the Weil Pairing
Dan Boneh,Ben Lynn,Hovav Shacham +2 more
- 09 Dec 2001
TL;DR: A short signature scheme based on the Computational Diffie-Hellman assumption on certain elliptic and hyperelliptic curves is introduced, designed for systems where signatures are typed in by a human or signatures are sent over a low-bandwidth channel.
Related Papers (5)
Hitesh Ballani,Paul Francis,Xinyang Zhang +2 more
- 27 Aug 2007
Yih-Chun Hu,Adrian Perrig,Marvin A. Sirbu +2 more
- 30 Aug 2004
Matt Lepinski,Stephen Kent +1 more
- 01 Feb 2012
Ola Nordstrom,Constantinos Dovrolis +1 more
- 01 Apr 2004