research-article

Free Access

Why is it taking so long to secure internet routing?

Author:
Sharon Goldberg

Boston University

Boston University
View Profile

Authors Info & Claims

Communications of the ACM Volume 57 Issue 10October 2014pp 56–63https://doi.org/10.1145/2659899

Published:23 September 2014Publication History

Communications of the ACM

Abstract

Routing security incidents can still slip past deployed security defenses.

References

Ballani, H., Francis, P. and Zhang, X. A study of prefix hijacking and interception in the Internet. In Proceedings of the ACM SIGCOMM 2007 Conference, 265--276. Google ScholarDigital Library
Brown, M. Pakistan hijacks YouTube. Renesys blog; http://www.renesys.com/blog/2008/02/pakistan_hijacks_youtube_1.shtml.Google Scholar
Butler, K., Farley, T. McDaniel, P. and Rexford, J. A survey of BGP security issues and solutions. In Proceedings of the IEEE 98, 1, (2010), 100--122.Google ScholarCross Ref
Chan, H., Dash, D., Perrig, A. and Zhang, H. Modeling adoptability of secure BGP protocol. In Proceedings of the ACM 2006 SIGCOMM Conference, 279--290. Google ScholarDigital Library
Cooper, D., Heilman, E., Brogle, K., Reyzin, L. and Goldberg, S. On the risk of misbehaving RPKI authorities. In Proceedings of the 12^th ACM Workshop on Hot Topics in Networks (2013). Google ScholarDigital Library
Cowie, J. China's 18-minute mystery. Renesys blog, 2010; http://www.renesys.com/blog/2010/11/chinas-18-minute-mystery.shtml.Google Scholar
FCC Communications Security, Reliability and Interoperability Council III (CSRIC). Secure BGP deployment. Communications and Strategies; (2012); http://transition.fcc.gov/bureaus/pshs/advisory/csric3/CSRICIII_9-12-12_WG6-Final-Report.pdf.Google Scholar
FCC Communications Security, Reliability and Interoperability Council, Working Group 6. Secure BGP deployment, final report, 2013.Google Scholar
Gao, L., Rexford, J. Stable Internet routing without global coordination. IEEE/ACM Transactions on Networking 9, 6 (2001), 681--692. Google ScholarDigital Library
Gill, P., Schapira, M. and Goldberg, S. Let the market drive deployment: A strategy for transitioning to BGP security. In Proceedings of the ACM SIGCOMM 2011 Conference, 14--25. Google ScholarDigital Library
Gill, P., Schapira, M. and Goldberg, S. A survey of interdomain routing policies. ACM SIGCOMM Computer Communication Review 44, 1 (2013), 28--34. Google ScholarDigital Library
Goldberg, S., Schapira, M., Hummon, P. and Rexford, J. How secure are secure interdomain routing protocols? In Proceedings of the ACM SIGCOMM 2010 Conference, 87--98. Google ScholarDigital Library
Goldman, E. Sex.com--An update. Technology and Marketing Law blog, 2010; http://blog.ericgoldman.org/archives/2006/10/sexcom_an_updat.htm.Google Scholar
Government Printing Office. H.R.3261 - Stop Online Piracy Act, 2011.Google Scholar
Greenwald, G. How the NSA tampers with US-made Internet routers. The Guardian (May 12, 2014); http://www.theguardian.com/books/2014/may/12/glenn-greenwald-nsa-tampers-us-internet-routers-snowden.Google Scholar
Heilman, E., Cooper, D., Reyzin, L. and Goldberg, S. From the consent of the routed: Improving the transparency of the RPKI In Proceedings of the ACM SIGCOMM 2014 Conference. Google ScholarDigital Library
Hiran, R., Carlsson, N. and Gill, P. 2013. Characterizing large-scale routing anomalies: a case study of the China Telecom incident. In Passive and Active Measurement. Springer, Berlin Heidelberg, 2013, 229--238. Google ScholarDigital Library
Horchert, J., Appelbaum, J. and Stöocker, C. 2013. Shopping for spy gear: Catalog advertises NSA toolbox. Der Spiegel (Dec. 29, 2013); http://www.spiegel.de/international/world/catalog-reveals-nsa-has-backdoors-for-numerous-devices-a-940994.html.Google Scholar
Huston, G. Interconnection, peering and settlements, Part I. Internet Protocol Journal 2, 1 (1999). Cisco.Google Scholar
Huston, G. Interconnection, peering and settlements, Part II. Internet Protocol Journal 2, 2 (1999). Cisco.Google Scholar
Huston, G., Rossi, M. and Armitage, G. Securing BGP: a literature survey. IEEE Communications Surveys and Tutorials 13, 2 (2011), 199--222.Google ScholarCross Ref
Internet Governance Project. M.L. Mueller. In important case, RIPE-NCC seeks legal clarity on how it responds to foreign court orders; http://www.internetgovernance.org/2011/11/23/in-important-case-ripe-ncc-seeks-legal-clarity-on-how-it-responds-to-foreign-court-orders/.Google Scholar
Kent, S. and Mandelberg, D. Suspenders: a fail-safe mechanism for the RPKI. Internet Engineering Task Force, 2014; http://tools.ietf.org/html/draft-kent-sidr-suspenders-01.Google Scholar
LACNIC Labs. RPKI looking glass; www.labs.lacnic.net/rpkitools/looking_glass/.Google Scholar
Lepinski, M., ed. BGPSEC protocol specification. IETF Network Working Group, 2014; http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-protocol-05.Google Scholar
Lepinski, M. and Kent, S. RFC 6480: an infrastructure to support secure Internet routing. Internet Engineering Task Force, 2012; http://tools.ietf.org/html/rfc6480.Google Scholar
Lychev, R., Goldberg, S. and Schapira, M. BGP security in partial deployment. Is the juice worth the squeeze? In Proceedings of the ACM SIGCOMM 2013 Conference, 171--182. Google ScholarDigital Library
McPherson, D., Amante, S., Osterweil, E. and Mitchell, D. eds. Draft. Route leaks and MITM attacks against BGPSEC. IETF Network Working Group, 2013; http://tools.ietf.org/html/draft-ietf-grow-simple-leak-attack-bgpsec-no-help-03.Google Scholar
Miller, R. Court ruling: Israeli and US terrorism victims now "own" Iran's Internet. Joshuapundit blog (June 25, 2014); http://joshuapundit.blogspot.com/2014/06/court-ruling-israeli-and-us-terrorism.html.Google Scholar
Mueller, M. and Kuerbis, B. Negotiating a new governance hierarchy: an analysis of the conflicting incentives to secure Internet routing. Communications and Strategies 81 (2011), 125--142.Google Scholar
National Institute of Standards and Technology. RPKI deployment monitor; http://www-x.antd.nist.gov/rpki-monitor/.Google Scholar
Paseka, T. Why Google went offline today and a bit about how the Internet works. Cloudflare blog (Nov. 6, 2012); http://blog.cloudflare.com/why-google-went-offline-today-and-a-bit-about.Google Scholar
PeeringDB. 2014; https://www.peeringdb.com/.Google Scholar
Peterson, A. Researchers say U.S. Internet traffic was re-routed through Belarus. That's a problem. Washington Post (Nov. 20, 2013).Google Scholar
Piscitello, D. Guidance for preparing domain name orders, seizures and takedowns. Thought paper. ICANN (Mar. 2012).Google Scholar
RIPE Network Coordination Centre. RPKI validator; http://localcert.ripe.net:8088/trust-anchors.Google Scholar
RIPE Network Coordination Centre. YouTube hijacking: A RIPE NCC RIS case study. RIPE NCC Blog, 2008; http://www.ripe.net/internet-coordination/news/industry-developments/youtube-hijacking-a-ripe-ncc-ris-case-study.Google Scholar
Schuchard, M., Thompson, C., Hopper, N. and Kim, Y. Taking routers off their meds: why assumptions of router stability are dangerous. In Proceedings of the Network and Distributed System Security Symposium. 2012.Google Scholar
Schuchard, M., Thompson, C., Hopper, N. and Kim, Y. 2013. Peer pressure: exerting malicious influence on routers at a distance. In IEEE 33^rd International Conference on Distributed Computing Systems, 2013, 571--580. Google ScholarDigital Library
Storm, D. 17 exploits the NSA uses to hack PCs, routers and servers for surveillance. ComputerWorld (Jan. 3, 2014); http://blogs.computerworld.com/cybercrime-and-hacking/23347/17-exploits-nsa-uses-hack-pcs-routers-and-servers-surveillance.Google Scholar
Wang, L., Park, J., Oliveira, R. and Zhang, B. Internet AS-level topology archive; http://irl.cs.ucla.edu/topology/.Google Scholar

Index Terms

Why is it taking so long to secure internet routing?
1. Networks
  1. Network protocols

Recommendations

Why Is It Taking So Long to Secure Internet Routing?: Routing security incidents can still slip past deployed security defenses.
Security

BGP (Border Gateway Protocol) is the glue that sticks the Internet together, enabling data communications between large networks operated by different organizations. BGP makes Internet communications global by setting up routes for traffic between ...
Read More
Secure routing for internet of things

The Internet of Things (IoT) could be described as the pervasive and global network which aids and provides a system for the monitoring and control of the physical world through the collection, processing and analysis of generated data by IoT sensor ...
Read More
Securing the Internet's Routing Infrastructure

Experts have been concerned about the security of the Internet's routing infrastructure, which was designed many years ago. Now, organizations are developing proposals to secure the infrastructure.

Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
Communications of the ACM Volume 57, Issue 10
October 2014
99 pages
ISSN:0001-0782
EISSN:1557-7317
DOI:10.1145/2661061
Editor:
Moshe Y. Vardi
Association for Computing Machinery, New York, NY
Issue’s Table of Contents
Copyright © 2014 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 23 September 2014
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- research-article
- Popular
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 69
  Total Citations
  View Citations
- 5,992
  Total Downloads
- Downloads (Last 12 months)301
- Downloads (Last 6 weeks)30
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format .

View HTML Format

Why is it taking so long to secure internet routing?

Communications of the ACM

Abstract

References

Cited By

Index Terms

Recommendations

Why Is It Taking So Long to Secure Internet Routing?: Routing security incidents can still slip past deployed security defenses.

Secure routing for internet of things

Securing the Internet's Routing Infrastructure

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

HTML Format

Caption

Why is it taking so long to secure internet routing?

Communications of the ACM

Abstract

References

Cited By

Index Terms

Recommendations

Why Is It Taking So Long to Secure Internet Routing?: Routing security incidents can still slip past deployed security defenses.

Secure routing for internet of things

Securing the Internet's Routing Infrastructure

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

HTML Format

Share this Publication link

Share on Social Media