Stop, DROP, and ROA

Oliver, Leo; Akiwate, Gautam; Luckie, Matthew; Du, Ben; claffy, kc

doi:10.1145/3517745.3561454

Cited by 6 publications

(3 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As a final remark, our goal is not to propose a new interdomain routing model, or infer more accurately the routing policies in the Internet, but to pinpoint the intersections and disparities of the results our replication effort against the findings and insights of the original work [63]. Finally, we believe that our results can aid in the understanding of a variety of interdomain routing applications, such as the measurement of the RPKI adoption [17,49], fine-grained interdomain policy learning [62,67], interdomain routing verification [10], privacy-preserving routing [13], discovering caching policies in the wild [18,34] and studying routing attacks [56].…”

Section: Introductionmentioning

confidence: 84%

Replication: 20 Years of Inferring Interdomain Routing Policies

Kastanakis,

Giotsas,

Livadariu

et al. 2023

Proceedings of the 2023 ACM on Internet Measurement Conference

View full text Add to dashboard Cite

In 2003, Wang and Gao [63] presented an algorithm to infer and characterize routing policies as this knowledge could be valuable in predicting and debugging routing paths. They used their algorithm to measure the phenomenon of selectively announced prefixes, in which, ASes would announce their prefixes to specific providers to manipulate incoming traffic. Since 2003, the Internet has evolved from a hierarchical graph, to a flat and dense structure. Despite 20 years of extensive research since that seminal work, the impact of these topological changes on routing policies is still blurred.In this paper we conduct a replicability study of the Wang and Gao paper [63], to shed light on the evolution and the current state of selectively announced prefixes. We show that selective announcements are persistent, not only across time, but also across networks. Moreover, we observe that neighbors of different AS relationships may be assigned with the same local preference values, and path selection is not as heavily dependent on AS relationships as it used to be. Our results highlight the need for BGP policy inference to be conducted as a high-periodicity process to account for the dynamic nature of AS connectivity and the derived policies.

show abstract

Section: Introductionmentioning

confidence: 84%

Replication: 20 Years of Inferring Interdomain Routing Policies

Kastanakis,

Giotsas,

Livadariu

et al. 2023

Proceedings of the 2023 ACM on Internet Measurement Conference

View full text Add to dashboard Cite

show abstract

“…Oliver et al [122] investigated the usage patterns of 712 prefixes from Spamhaus' "Don't Route or Peer" (DROP) list [160], which operators frequently use to identify maliciously used address space. They found that for 32% of prefixes' IRR entries were created a month before the prefixes were added to the blocklist, highlighting the fact that the IRR is not a reliable source for filtering information since it can be easily manipulated.…”

Section: As0 Roasmentioning

confidence: 99%

The Resource Public Key Infrastructure (RPKI): A Survey on Measurements and Future Prospects

Rodday,

Cunha,

Bush

et al. 2024

IEEE Trans. Netw. Serv. Manage.

View full text Add to dashboard Cite

The adoption of the Resource Public Key Infrastructure (RPKI) is increasing. To better understand and improve RPKI deployment, measuring route origin authorization (ROA) objects, RPKI route origin validation (ROV), and RPKI resilience is essential. In this paper, we survey RPKI-related research that aims to understand RPKI deployment. Additionally, we enrich our survey with many industry and IETF-related contributions.Our work provides an in-depth analysis of the many ideas and challenges discussed in studies of the RPKI ecosystem and includes lessons from mistakes made in the past, which we should avoid in the future.

show abstract

“…At the beginning of its design, the BGP protocol was oriented to a small range of trusted networks, and security issues were not in the scope of consideration. However, with the advancement of technology, the Internet has long become an open space, and due to the lack of effective security mechanisms, the BGP protocol is often subjected to malicious attacks, among which, prefix hijacking is the most discussed security issue among researchers [4][5][6][7][8][9][10][11][12] . In the process of route propagation, the BGP protocol does not examine the content of routes and route propagation paths, which leads to BGP prefix hijacking when an autonomous domain externally declares a prefix address block that does not belong to it or externally declares a prefix address that has not yet been assigned [13] .…”

Section: Introductionmentioning

confidence: 99%

BGP prefix hijack detection algorithm based on MOAS event feature

Kaiyu

2024

International Conference on Computer Network Security and Software Engineering (CNSSE 2024)

View full text Add to dashboard Cite

Stop, DROP, and ROA

Cited by 6 publications

References 17 publications

Replication: 20 Years of Inferring Interdomain Routing Policies

Replication: 20 Years of Inferring Interdomain Routing Policies

The Resource Public Key Infrastructure (RPKI): A Survey on Measurements and Future Prospects

BGP prefix hijack detection algorithm based on MOAS event feature

Contact Info

Product

Resources

About