Abstract
BGP (Border Gateway Protocol) is the glue that sticks the Internet together, enabling data communications between large networks operated by different organizations. BGP makes Internet communications global by setting up routes for traffic between organizations - for example, from Boston University’s network, through larger ISPs (Internet service providers) such as Level3, Pakistan Telecom, and China Telecom, then on to residential networks such as Comcast or enterprise networks such as Bank of America.
- Ballani, H., Francis, P., Zhang, X. 2007. A study of prefix hijacking and interception in the Internet. Proceedings of the ACM SIGCOMM 2007 Conference: 265-276. Google ScholarDigital Library
- Brown, M. 2008. Pakistan hijacks YouTube. Renesys blog; http://www.renesys.com/blog/2008/02/pakistan_hijacks_youtube_1.shtml.Google Scholar
- Butler, K., Farley, T. McDaniel, P., Rexford, J. 2010. A survey of BGP security issues and solutions. In Proceedings of the IEEE 98(1): 100-122.Google ScholarCross Ref
- Chan, H., Dash, D., Perrig, A., Zhang, H. 2006. Modeling adoptability of secure BGP protocols. Proceedings of the ACM SIGCOMM 2006 Conference. 36(4): 279-290. Google ScholarDigital Library
- Cooper, D., Heilman, E., Brogle, K., Reyzin, L., Goldberg, S. 2013. On the risk of misbehaving RPKI authorities. In Proceedings of the 12th ACM Workshop on Hot Topics in Networks (HotNets XII). Google ScholarDigital Library
- Cowie, J. 2010. China's 18-minute mystery. Renesys blog; http://www.renesys.com/blog/2010/11/chinas-18-minute-mystery.shtml.Google Scholar
- FCC Communications Security, Reliability and Interoperability Council III (CSRIC). 2012. Secure BGP deployment. Communications and Strategies; http://transition.fcc.gov/bureaus/pshs/advisory/csric3/CSRICIII_9-12-12_WG6-Final-Report.pdf.Google Scholar
- FCC Communications Security, Reliability and Interoperability Council, Working Group 6. 2013. Secure BGP deployment, final report. http://transition.fcc.gov/bureaus/pshs/advisory/csric3/CSRIC_III_WG6_Report_March_%202013.pdfGoogle Scholar
- Gao, L., Rexford, J. 2001. Stable Internet routing without global coordination. IEEE/ACM Transactions on Networking 9(6): 681-692. Google ScholarDigital Library
- Gill, P., Schapira, M., Goldberg, S. 2011. Let the market drive deployment: a strategy for transitioning to BGP security. In Proceedings of the ACM SIGCOMM 2011 Conference: 14-25. Google ScholarDigital Library
- Gill, P., Schapira, M., Goldberg, S. 2013. A survey of interdomain routing policies. ACM SIGCOMM Computer Communication Review 44(1):28-34. Google ScholarDigital Library
- Goldberg, S., Schapira, M., Hummon, P., Rexford, J. 2010. How secure are secure interdomain routing protocols? In Proceedings of the ACM SIGCOMM 2010 Conference: 87-98. Google ScholarDigital Library
- Goldman, E. 2006. Sex.com-An update. Technology and Marketing Law blog; http://blog.ericgoldman.org/archives/2006/10/sexcom_an_updat.htm.Google Scholar
- Government Printing Office. 2011. H.R.3261 - Stop Online Piracy Act.Google Scholar
- Greenwald, G. 2014. How the NSA tampers with US-made Internet routers. The Guardian (May 12).Google Scholar
- Heilman, E., Cooper, D., Reyzin, L., Goldberg, S. 2014. From the consent of the routed: improving the transparency of the RPKI. Proceedings of the ACM SIGCOMM 2014. Google ScholarDigital Library
- Hiran, R., Carlsson, N., Gill, P. 2013. Characterizing large-scale routing anomalies: a case study of the China Telecom incident. In Passive and Active Measurement: 229-238. Springer Berlin Heidelberg. Google ScholarDigital Library
- Horchert, J., Appelbaum, J., Stöocker, C. 2013. Shopping for spy gear: catalog advertises NSA toolbox. Der Spiegel (December 29); http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html.Google Scholar
- Huston, G. 1999. Interconnection, peering and settlements, part I. Internet Protocol Journal 2(1).Google Scholar
- Huston, G. 1999. Interconnection, peering and settlements, Part II. Internet Protocol Journal 2(2).Google Scholar
- Huston, G., Rossi, M., Armitage, G. 2011. Securing BGP: a literature survey. IEEE Communications Surveys and Tutorials 13(2): 199-222.Google ScholarCross Ref
- Mueller, M. L., Internet Governance Project. 2011. In important case, RIPE-NCC seeks legal clarity on how it responds to foreign court orders; http://www.internetgovernance.org/2011/11/23/in-important-case-ripe-ncc-seeks-legal-clarity-on-how-it-responds-to-foreign-court-orders/.Google Scholar
- Kent, S., Mandelberg, D. 2014. Suspenders: a fail-safe mechanism for the RPKI. Internet Engineering Task Force (IETF); http://tools.ietf.org/html/draft-kent-sidr-suspenders-01.Google Scholar
- LACNIC Labs. RPKI looking glass; http://www.labs.lacnic.net/rpkitools/looking_glass/.Google Scholar
- Lepinski, M., ed. 2014. BGPSEC protocol specification. IETF Network Working Group; http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-protocol-05.Google Scholar
- Lepinski, M., Kent, S. 2012. RFC 6480: an infrastructure to support secure Internet routing. Internet Engineering Task Force (IETF); http://tools.ietf.org/html/rfc6480.Google Scholar
- Lychev, R., Goldberg, S., Schapira, M. 2013. BGP security in partial deployment. Is the juice worth the squeeze? In Proceedings of the ACM SIGCOMM 2013 Conference: 171-182. Google ScholarDigital Library
- McPherson, D., Amante, S., Osterweil, E., Mitchell, D. eds. 2013. Draft: Route-leaks & MITM attacks against BGPSEC. IETF Network Working Group; http://tools.ietf.org/html/draft-ietf-grow-simple-leak-attack-bgpsec-no-help-03.Google Scholar
- Miller, R. 2014. Court ruling: Israeli and US terrorism victims now 'own' Iran's Internet. Joshuapundit blog (June 25); http://joshuapundit.blogspot.com/2014/06/court-ruling-israeli-and-us-terrorism.html.Google Scholar
- Mueller, M., Kuerbis, B. 2011. Negotiating a new governance hierarchy: an analysis of the conflicting incentives to secure Internet routing. Communications and Strategies 81: 125-142.Google Scholar
- National Institute of Standards and Technology. RPKI deployment monitor; http://www-x.antd.nist.gov/rpki-monitor/.Google Scholar
- Paseka, T. 2012. Why Google went offline today and a bit about how the Internet works. Cloudflare blog (November 6); http://blog.cloudflare.com/why-google-went-offline-today-and-a-bit-about.Google Scholar
- PeeringDB. 2014; https://www.peeringdb.com/.Google Scholar
- Peterson, A. 2013. Researchers say U.S. Internet traffic was re-routed through Belarus. That's a problem. Washington Post (November 20).Google Scholar
- Piscitello, D. 2012. Guidance for preparing domain name orders, seizures and takedowns. Thought Paper, ICANN (March).Google Scholar
- RIPE Network Coordination Centre. RPKI validator; http://localcert.ripe.net:8088/trust-anchors.Google Scholar
- RIPE Network Coordination Centre. 2008. YouTube hijacking: A RIPE NCC RIS case study. RIPE NCC Blog; http://www.ripe.net/internet-coordination/news/industry-developments/youtube-hijacking-a-ripe-ncc-ris-case-study.Google Scholar
- Schuchard, M., Thompson, C., Hopper, N., Kim, Y. 2012. Taking routers off their meds: why assumptions of router stability are dangerous. In Proceedings of the Network and Distributed System Security Symposium (NDSS).Google Scholar
- Schuchard, M., Thompson, C., Hopper, N., Kim, Y. 2013. Peer pressure: exerting malicious influence on routers at a distance. In IEEE 33rd International Conference on Distributed Computing Systems (ICDCS): 571-580. Google ScholarDigital Library
- Storm, D. 2014. 17 exploits the NSA uses to hack PCs, routers and servers for surveillance. ComputerWorld (January 3); http://blogs.computerworld.com/cybercrime-and-hacking/23347/17-exploits-nsa-uses-hack-pcs-routers-and-servers-surveillance.Google Scholar
- Wang, L., Park, J., Oliveira, R., Zhang, B. Internet AS-level topology archive; http://irl.cs.ucla.edu/topology/.Google Scholar
Index Terms
- Why Is It Taking So Long to Secure Internet Routing?: Routing security incidents can still slip past deployed security defenses.
Recommendations
Why is it taking so long to secure internet routing?
Routing security incidents can still slip past deployed security defenses.
Secure routing for internet of things
The Internet of Things (IoT) could be described as the pervasive and global network which aids and provides a system for the monitoring and control of the physical world through the collection, processing and analysis of generated data by IoT sensor ...
Securing the Internet's Routing Infrastructure
Experts have been concerned about the security of the Internet's routing infrastructure, which was designed many years ago. Now, organizations are developing proposals to secure the infrastructure.
Comments