Abstract | ||
---|---|---|
Abstract BGP, the current inter - domain routing protocol, assumes that the routing information propagated by authenticated routers is correct This assumption renders the current in - frastructure vulnerable to both accidental misconfigura - tions and deliberate attacks To reduce this vulnerabil - ity, we present a combination of two mechanisms: Listen and Whisper Listen passively probes the data plane and checks whether the underlying routes to different destina - tions work Whisper uses cryptographic functions along with routing redundancy to detect bogus route advertise - ments in the control plane These mechanisms are easily deployable, and do not rely on either a public key infras - tructure or a central authority like ICANN The combination of Listen and Whisper eliminates a large number of problems due to router misconfigurations, and restricts (though not eliminates) the damage that deliber - ate attackers can cause Moreover, these mechanisms can detect and contain isolated adversaries that propagate even a few invalid route announcements Colluding adversaries pose a more stringent challenge, and we propose simple changes to the BGP policy mechanism to limit the dam - age colluding adversaries can cause We demonstrate the utility of Listen and Whisper through real - world deploy - ment, measurements and empirical analysis For example, a randomly placed isolated adversary, in the worst case can affect reachability to only 1% of the nodes |
Year | Venue | Keywords |
---|---|---|
2004 | NSDI | public key |
Field | DocType | Citations |
World Wide Web,Computer security,Computer science | Conference | 5 |
PageRank | References | Authors |
1.10 | 10 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Lakshminarayanan Subramanian | 1 | 1540 | 163.14 |
Volker Roth | 2 | 1142 | 111.35 |
I. Stoica | 3 | 21406 | 1710.11 |
Scott Shenker | 4 | 1384 | 555.46 |
Randy H. Katz | 5 | 16819 | 3018.89 |