TY - GEN
T1 - Incrementally-deployable security for interdomain routing
AU - Rexford, Jennifer L.
AU - Feigenbaum, Joan
PY - 2009/6/8
Y1 - 2009/6/8
N2 - The Internet's interdomain-routing system is extremely vulnerable to accidental failure, configuration errors, and malicious attack. Any successful approach to improving interdomain-routing security must satisfy two requirements for incremental deployability: backwards compatibility with the existing routing protocol and installed base of routers and incentive compatibility with the desire of each domain to improve its part of the routing system even if other domains have not taken similar steps. We propose an incrementally deployable approach based on a Routing Control Platform(RCP) that makes routing decisions on behalf of the routers in a domain, without requiring changes to the routers or protocols. The RCP runs anomaly-detection algorithms that identify, and avoid, suspicious routes, allowing a domain (or a small group of cooperating domains) to significantly improve interdomain routing security.
AB - The Internet's interdomain-routing system is extremely vulnerable to accidental failure, configuration errors, and malicious attack. Any successful approach to improving interdomain-routing security must satisfy two requirements for incremental deployability: backwards compatibility with the existing routing protocol and installed base of routers and incentive compatibility with the desire of each domain to improve its part of the routing system even if other domains have not taken similar steps. We propose an incrementally deployable approach based on a Routing Control Platform(RCP) that makes routing decisions on behalf of the routers in a domain, without requiring changes to the routers or protocols. The RCP runs anomaly-detection algorithms that identify, and avoid, suspicious routes, allowing a domain (or a small group of cooperating domains) to significantly improve interdomain routing security.
UR - http://www.scopus.com/inward/record.url?scp=66249133370&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=66249133370&partnerID=8YFLogxK
U2 - 10.1109/CATCH.2009.35
DO - 10.1109/CATCH.2009.35
M3 - Conference contribution
AN - SCOPUS:66249133370
SN - 9780769535685
T3 - Proceedings - Cybersecurity Applications and Technology Conference for Homeland Security, CATCH 2009
SP - 130
EP - 134
BT - Proceedings - Cybersecurity Applications and Technology Conference for Homeland Security, CATCH 2009
T2 - Cybersecurity Applications and Technology Conference for Homeland Security, CATCH 2009
Y2 - 3 March 2009 through 4 March 2009
ER -