research-article

Free Access

Why Is It Taking So Long to Secure Internet Routing?: Routing security incidents can still slip past deployed security defenses.

Author:
Sharon Goldberg

Boston University

Boston University
View Profile

Authors Info & Claims

Queue Volume 12 Issue 8August 2014pp 20–33https://doi.org/10.1145/2668152.2668966

Published:08 August 2014Publication History

Queue

Abstract

BGP (Border Gateway Protocol) is the glue that sticks the Internet together, enabling data communications between large networks operated by different organizations. BGP makes Internet communications global by setting up routes for traffic between organizations - for example, from Boston University’s network, through larger ISPs (Internet service providers) such as Level3, Pakistan Telecom, and China Telecom, then on to residential networks such as Comcast or enterprise networks such as Bank of America.

References

Ballani, H., Francis, P., Zhang, X. 2007. A study of prefix hijacking and interception in the Internet. Proceedings of the ACM SIGCOMM 2007 Conference: 265-276. Google ScholarDigital Library
Brown, M. 2008. Pakistan hijacks YouTube. Renesys blog; http://www.renesys.com/blog/2008/02/pakistan_hijacks_youtube_1.shtml.Google Scholar
Butler, K., Farley, T. McDaniel, P., Rexford, J. 2010. A survey of BGP security issues and solutions. In Proceedings of the IEEE 98(1): 100-122.Google ScholarCross Ref
Chan, H., Dash, D., Perrig, A., Zhang, H. 2006. Modeling adoptability of secure BGP protocols. Proceedings of the ACM SIGCOMM 2006 Conference. 36(4): 279-290. Google ScholarDigital Library
Cooper, D., Heilman, E., Brogle, K., Reyzin, L., Goldberg, S. 2013. On the risk of misbehaving RPKI authorities. In Proceedings of the 12th ACM Workshop on Hot Topics in Networks (HotNets XII). Google ScholarDigital Library
Cowie, J. 2010. China's 18-minute mystery. Renesys blog; http://www.renesys.com/blog/2010/11/chinas-18-minute-mystery.shtml.Google Scholar
FCC Communications Security, Reliability and Interoperability Council III (CSRIC). 2012. Secure BGP deployment. Communications and Strategies; http://transition.fcc.gov/bureaus/pshs/advisory/csric3/CSRICIII_9-12-12_WG6-Final-Report.pdf.Google Scholar
FCC Communications Security, Reliability and Interoperability Council, Working Group 6. 2013. Secure BGP deployment, final report. http://transition.fcc.gov/bureaus/pshs/advisory/csric3/CSRIC_III_WG6_Report_March_%202013.pdfGoogle Scholar
Gao, L., Rexford, J. 2001. Stable Internet routing without global coordination. IEEE/ACM Transactions on Networking 9(6): 681-692. Google ScholarDigital Library
Gill, P., Schapira, M., Goldberg, S. 2011. Let the market drive deployment: a strategy for transitioning to BGP security. In Proceedings of the ACM SIGCOMM 2011 Conference: 14-25. Google ScholarDigital Library
Gill, P., Schapira, M., Goldberg, S. 2013. A survey of interdomain routing policies. ACM SIGCOMM Computer Communication Review 44(1):28-34. Google ScholarDigital Library
Goldberg, S., Schapira, M., Hummon, P., Rexford, J. 2010. How secure are secure interdomain routing protocols? In Proceedings of the ACM SIGCOMM 2010 Conference: 87-98. Google ScholarDigital Library
Goldman, E. 2006. Sex.com-An update. Technology and Marketing Law blog; http://blog.ericgoldman.org/archives/2006/10/sexcom_an_updat.htm.Google Scholar
Government Printing Office. 2011. H.R.3261 - Stop Online Piracy Act.Google Scholar
Greenwald, G. 2014. How the NSA tampers with US-made Internet routers. The Guardian (May 12).Google Scholar
Heilman, E., Cooper, D., Reyzin, L., Goldberg, S. 2014. From the consent of the routed: improving the transparency of the RPKI. Proceedings of the ACM SIGCOMM 2014. Google ScholarDigital Library
Hiran, R., Carlsson, N., Gill, P. 2013. Characterizing large-scale routing anomalies: a case study of the China Telecom incident. In Passive and Active Measurement: 229-238. Springer Berlin Heidelberg. Google ScholarDigital Library
Horchert, J., Appelbaum, J., Stöocker, C. 2013. Shopping for spy gear: catalog advertises NSA toolbox. Der Spiegel (December 29); http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html.Google Scholar
Huston, G. 1999. Interconnection, peering and settlements, part I. Internet Protocol Journal 2(1).Google Scholar
Huston, G. 1999. Interconnection, peering and settlements, Part II. Internet Protocol Journal 2(2).Google Scholar
Huston, G., Rossi, M., Armitage, G. 2011. Securing BGP: a literature survey. IEEE Communications Surveys and Tutorials 13(2): 199-222.Google ScholarCross Ref
Mueller, M. L., Internet Governance Project. 2011. In important case, RIPE-NCC seeks legal clarity on how it responds to foreign court orders; http://www.internetgovernance.org/2011/11/23/in-important-case-ripe-ncc-seeks-legal-clarity-on-how-it-responds-to-foreign-court-orders/.Google Scholar
Kent, S., Mandelberg, D. 2014. Suspenders: a fail-safe mechanism for the RPKI. Internet Engineering Task Force (IETF); http://tools.ietf.org/html/draft-kent-sidr-suspenders-01.Google Scholar
LACNIC Labs. RPKI looking glass; http://www.labs.lacnic.net/rpkitools/looking_glass/.Google Scholar
Lepinski, M., ed. 2014. BGPSEC protocol specification. IETF Network Working Group; http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-protocol-05.Google Scholar
Lepinski, M., Kent, S. 2012. RFC 6480: an infrastructure to support secure Internet routing. Internet Engineering Task Force (IETF); http://tools.ietf.org/html/rfc6480.Google Scholar
Lychev, R., Goldberg, S., Schapira, M. 2013. BGP security in partial deployment. Is the juice worth the squeeze? In Proceedings of the ACM SIGCOMM 2013 Conference: 171-182. Google ScholarDigital Library
McPherson, D., Amante, S., Osterweil, E., Mitchell, D. eds. 2013. Draft: Route-leaks & MITM attacks against BGPSEC. IETF Network Working Group; http://tools.ietf.org/html/draft-ietf-grow-simple-leak-attack-bgpsec-no-help-03.Google Scholar
Miller, R. 2014. Court ruling: Israeli and US terrorism victims now 'own' Iran's Internet. Joshuapundit blog (June 25); http://joshuapundit.blogspot.com/2014/06/court-ruling-israeli-and-us-terrorism.html.Google Scholar
Mueller, M., Kuerbis, B. 2011. Negotiating a new governance hierarchy: an analysis of the conflicting incentives to secure Internet routing. Communications and Strategies 81: 125-142.Google Scholar
National Institute of Standards and Technology. RPKI deployment monitor; http://www-x.antd.nist.gov/rpki-monitor/.Google Scholar
Paseka, T. 2012. Why Google went offline today and a bit about how the Internet works. Cloudflare blog (November 6); http://blog.cloudflare.com/why-google-went-offline-today-and-a-bit-about.Google Scholar
PeeringDB. 2014; https://www.peeringdb.com/.Google Scholar
Peterson, A. 2013. Researchers say U.S. Internet traffic was re-routed through Belarus. That's a problem. Washington Post (November 20).Google Scholar
Piscitello, D. 2012. Guidance for preparing domain name orders, seizures and takedowns. Thought Paper, ICANN (March).Google Scholar
RIPE Network Coordination Centre. RPKI validator; http://localcert.ripe.net:8088/trust-anchors.Google Scholar
RIPE Network Coordination Centre. 2008. YouTube hijacking: A RIPE NCC RIS case study. RIPE NCC Blog; http://www.ripe.net/internet-coordination/news/industry-developments/youtube-hijacking-a-ripe-ncc-ris-case-study.Google Scholar
Schuchard, M., Thompson, C., Hopper, N., Kim, Y. 2012. Taking routers off their meds: why assumptions of router stability are dangerous. In Proceedings of the Network and Distributed System Security Symposium (NDSS).Google Scholar
Schuchard, M., Thompson, C., Hopper, N., Kim, Y. 2013. Peer pressure: exerting malicious influence on routers at a distance. In IEEE 33rd International Conference on Distributed Computing Systems (ICDCS): 571-580. Google ScholarDigital Library
Storm, D. 2014. 17 exploits the NSA uses to hack PCs, routers and servers for surveillance. ComputerWorld (January 3); http://blogs.computerworld.com/cybercrime-and-hacking/23347/17-exploits-nsa-uses-hack-pcs-routers-and-servers-surveillance.Google Scholar
Wang, L., Park, J., Oliveira, R., Zhang, B. Internet AS-level topology archive; http://irl.cs.ucla.edu/topology/.Google Scholar

Index Terms

Why Is It Taking So Long to Secure Internet Routing?: Routing security incidents can still slip past deployed security defenses.

Recommendations

Why is it taking so long to secure internet routing?

Routing security incidents can still slip past deployed security defenses.

Read More
Secure routing for internet of things

The Internet of Things (IoT) could be described as the pervasive and global network which aids and provides a system for the monitoring and control of the physical world through the collection, processing and analysis of generated data by IoT sensor ...
Read More
Securing the Internet's Routing Infrastructure

Experts have been concerned about the security of the Internet's routing infrastructure, which was designed many years ago. Now, organizations are developing proposals to secure the infrastructure.

Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in

Queue Volume 12, Issue 8
Security
August 2014
39 pages
ISSN:1542-7730
EISSN:1542-7749
DOI:10.1145/2668152
Issue’s Table of Contents

Copyright © 2014 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 8 August 2014
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- research-article
- Popular
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 14
  Total Citations
  View Citations
- 72,343
  Total Downloads
- Downloads (Last 12 months)5,224
- Downloads (Last 6 weeks)724
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format .

View HTML Format

Why Is It Taking So Long to Secure Internet Routing?: Routing security incidents can still slip past deployed security defenses.

Queue

Abstract

References

Cited By

Index Terms

Recommendations

Why is it taking so long to secure internet routing?

Secure routing for internet of things

Securing the Internet's Routing Infrastructure

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

HTML Format

Caption

Why Is It Taking So Long to Secure Internet Routing?: Routing security incidents can still slip past deployed security defenses.

Queue

Abstract

References

Cited By

Index Terms

Recommendations

Why is it taking so long to secure internet routing?

Secure routing for internet of things

Securing the Internet's Routing Infrastructure

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

HTML Format

Share this Publication link

Share on Social Media