Towards a Rigorous Methodology for Measuring Adoption of RPKI Route Validation and Filtering

Publikation: Beitrag in FachzeitschriftForschungsartikelBeigetragenBegutachtung

Beitragende

  • Andreas Reuter - , Freie Universität (FU) Berlin (Autor:in)
  • Randy Bush - , Dragon Research (Autor:in)
  • Italo Cunha - , Universidade Federal de Minas Gerais (Autor:in)
  • Ethan Katz-Bassett - , Columbia University (Autor:in)
  • Thomas C. Schmidt - , Hochschule fur Angewandte Wissenschaften Hamburg (HAW) (Autor:in)
  • Matthias Wählisch - , Professur für Distributed and Networked Systems, Freie Universität (FU) Berlin (Autor:in)

Abstract

A proposal to improve routing security—Route Origin Authorization (ROA)—has been standardized. A ROA specifies which network is allowed to announce a set of Internet destinations. While some networks now specify ROAs, little is known about whether other networks check routes they receive against these ROAs, a process known as Route Origin Validation (ROV). Which networks blindly accept invalid routes? Which reject them outright? Which de-preference them if alternatives exist? Recent analysis attempts to use uncontrolled experiments to characterize ROV adoption by comparing valid routes and invalid routes [5]. However, we argue that gaining a solid understanding of ROV adoption is impossible using currently available data sets and techniques. Instead, we devise a verifiable methodology of controlled experiments for measuring ROV. Our measurements suggest that, although some ISPs are not observed using invalid routes in uncontrolled experiments, they are actually using dierent routes for (non-security) traffic engineering purposes, without performing ROV. We conclude with presenting three AS that do implement ROV as confirmed by the operators.

Details

OriginalspracheEnglisch
Seiten (von - bis)19-27
Seitenumfang9
FachzeitschriftACM SIGCOMM computer communication review
Jahrgang48
Ausgabenummer1
PublikationsstatusVeröffentlicht - Jan. 2018
Peer-Review-StatusJa

Externe IDs

ORCID /0000-0002-3825-2807/work/142241905

Schlagworte

Forschungsprofillinien der TU Dresden

Fächergruppen, Lehr- und Forschungsbereiche, Fachgebiete nach Destatis

Schlagwörter

  • BGP, Internet security, Routing policies, RPKI, Reproducible research, Internet, Routing, Security

Bibliotheksschlagworte