Inter-domain Routing Security

Research Mentor: Amir Herzberg and Bing Wang

Inter-domain routing is the glue that connects autonomous systems in the Internet into a globally interconnected network. The Border Gateway Protocol (BGP) is the de facto inter-domain routing protocol; unfortunately, it was designed with no security in mind. As a result, it is vulnerable and has been abused for myriad attacks, including phishing, spam, Denial of Service (DoS), DNS poisoning, eavesdropping and Man-in-the-Middle attacks. While extensive research and standardization efforts have been dedicated to secure inter-domain routing, so far, these efforts have only led to limited impact and deployment.

One of the goals of the project is improving the deployment and effectiveness of Route Origin Validation (ROV), a prominent IETF proposed standard for origin validation. Specifically, ROV uses the Resource Public Key Infrastructure (RPKI), a hierarchical certification system that binds IP address blocks to owners' public keys, to detect and discard invalid BGP announcements from unauthorized autonomous systems (ASes). RPKI/ROV is the current leading standardized defense against prefix hijacking attacks (where an AS claims to be the owner of an IP prefix block without authorization). The deployment of ROV is, however, frustratingly slow. As pointed out in our prior work, the lack of deployment of ROV is due to many reasons, including insufficient security benefits (especially for early deployments), lack of incentives and motivation, concerns about loss of traffic due to partial or imprecise ROA deployments, and more. The specific aim of the project is to develop and provide a RPKI/ROV Forecast web service for each AS. This service will increase the awareness of the benefits of RPKI/ROV among network operators and decision makers, by providing easy-to-use tools showing the impact and benefits of deploying RPKI/ROV on each AS in the Internet. Our hope is that the understanding gained by the network operators and decision makers can help them make informed decisions to deploy ROV and determine what variant of ROV (the web service will provide what-if analysis on a number of variants of ROV) to deploy for their network.

Components for Student Participation

The above web service is a large-scale complex system. While a basic prototype of the web service is working, a large amount of work remains. One important aspect is validating and improving the BGP Extrapolator. The BGP Extrapolator can lead to false positives (extraneous BGP announcements) and false negatives (missed BGP announcements) at an AS due to multiple reasons, e.g., missed announcements at specific monitors, incompleteness of the inferred AS topology, inaccuracy of the inferred AS relationships). In summer 2019, two REU students, have started to validate the performance of our current BGP Extrapolator and identified that the data collected at the public vintage points are highly heterogeneous, calling for a careful design of the validation methodology. Since the BGP Extrapolator uses extremely large-scale datasets as input, even a single run using a subset of the data involves multiple hours of execution time. As a result, the students need to explore ways to improve the efficiency of the design. We expect future REU students to explore the large-scale system and datasets. They will further the data analysis, refine the validation methodology, quantify the accuracy of the BGP Extrapolator, and develop improvement to the extrapolation results. In addition to the BGP Extrapolator, the REU students will also explore ROV policies that provide better performance.