Loading Events

« All Events

  • This event has passed.

CSE Colloquium: Dr. Amir Herzberg

May 25, 2017 @ 11:00 am - 12:00 pm UTC-5

Title: Securing Internet Routing

 

Abstract:

Routing is the basic infrastructure connecting the Internet together; yet, it remains woefully insecure, in spite of extensive standardization and R&D efforts over decades. In the recent years, most efforts focus on two mechanisms: the Border Gateway Protocol security enhancements (BGPsec), and the Routing Public Key Infrastructure (RPKI).  for origin authentication, and BGPsec for path validation. 

RPKI is easier to deploy, and also a pre-requisite to BGPsec. Properly deployed, RPKI will prevent devastating, common attacks such as IP prefix hijacking; indeed, there are extensive efforts to encourage deployment. However, we show measurements indicating that RPKI deployment is slow – and, worse, there are many deployment errors. We study the impact and causes of this slow, partial adoption, and explore ways to improve deployment. 

 

Adoption of BGPsec, on the other hand, struggles with inherent, possibly insurmountable, obstacles, including the need to upgrade today’s routing infrastructure and meager benefits in partial deployment. Therefore, we propose an easily-deployable alternative: {\em path-end validation}. Extensive simulations on empirically-derived datasets show that path-end validation yields significant benefits – even in limited, partial adoption – much improving compared to BGPsec. 

 

Finally, we discuss the inherent security limitations of the current routing protocols, and ongoing works toward an alternative routing infrastructure, which will ensure connectivity even under extreme Denial-of-Service attacks. 

Details

Date:
May 25, 2017
Time:
11:00 am - 12:00 pm UTC-5
Event Category:

Venue

HBL Class of 1947 Conference Room
UConn Library, 369 Fairfield Way, Unit 1005
Storrs, CT 06269 United States
+ Google Map
Phone:
(860) 486-2518
Website:
https://lib.uconn.edu/

Connect With Us