Towards a Rigorous Methodology for Measuring Adoption of RPKI Route Validation and Filtering-Reference-Cited by-同舟云学术

Towards a Rigorous Methodology for Measuring Adoption of RPKI Route Validation and Filtering

Published:2018-04-27 Issue:1 Volume:48 Page:19-27
ISSN:0146-4833
Container-title:ACM SIGCOMM Computer Communication Review
language:en
Short-container-title:SIGCOMM Comput. Commun. Rev.

Author:

Reuter Andreas¹,Bush Randy²,Cunha Italo³,Katz-Bassett Ethan⁴,Schmidt Thomas C.⁵,Wählisch Matthias¹

Affiliation:

1. Freie Universität Berlin

2. IIJ Research / Dragon Research

3. Unversidade Federal de Minas Gerais

4. Columbia University

5. HAW Hamburg

Abstract

A proposal to improve routing security---Route Origin Authorization (ROA)---has been standardized. A ROA specifies which network is allowed to announce a set of Internet destinations. While some networks now specify ROAs, little is known about whether other networks check routes they receive against these ROAs, a process known as Route Origin Validation (ROV). Which networks blindly accept invalid routes? Which reject them outright? Which de-preference them if alternatives exist? Recent analysis attempts to use uncontrolled experiments to characterize ROV adoption by comparing valid routes and invalid routes. However, we argue that gaining a solid understanding of ROV adoption is impossible using currently available data sets and techniques. Instead, we devise a verifiable methodology of controlled experiments for measuring ROV. Our measurements suggest that, although some ISPs are not observed using invalid routes in uncontrolled experiments, they are actually using different routes for (non-security) traffic engineering purposes, without performing ROV. We conclude with presenting three AS that do implement ROV as confirmed by the operators.

Publisher

Association for Computing Machinery (ACM)

Subject

Computer Networks and Communications,Software

Link

https://dl.acm.org/doi/pdf/10.1145/3211852.3211856

Reference24 articles.

1. Investigating Interdomain Routing Policies in the Wild

2. R. Bush R. Austein K. Patel H. Gredler and M. Waehlisch. 2014. Resource Public Key Infrastructure (RPKI) Router Implementation Report. RFC 7128. IETF. R. Bush R. Austein K. Patel H. Gredler and M. Waehlisch. 2014. Resource Public Key Infrastructure (RPKI) Router Implementation Report . RFC 7128. IETF.

3. CAIDA. 2012. AS Rank. http://as-rank.caida.org/data/. (2012). CAIDA. 2012. AS Rank. http://as-rank.caida.org/data/. (2012).

4. Are We There Yet? On RPKI's Deployment and Security

Cited by 36 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Exploring the Benefit of Path Plausibility Algorithms in BGP;NOMS 2024-2024 IEEE Network Operations and Management Symposium;2024-05-06

2. A Tale of Two Synergies: Uncovering RPKI Practices for RTBH at IXPs;Lecture Notes in Computer Science;2024

3. BGPy: The BGP Python Security Simulator;2023 Cyber Security Experimentation and Test Workshop;2023-08-07

4. Comp-RPKI: A Decentralized Protocol for Full Route Origin Validation;2023 9th International Conference on Big Data Computing and Communications (BigCom);2023-08-04

5. Toward the mutual routing security in wide area networks: A scoping review of current threats and countermeasures;Computer Networks;2023-07