Title :
Incrementally-Deployable Security for Interdomain Routing
Author :
Rexford, Jennifer ; Feigenbaum, Joan
Author_Institution :
Princeton Univ., Princeton, NJ
Abstract :
The Internetpsilas interdomain-routing system is extremely vulnerable to accidental failure, configuration errors, and malicious attack. Any successful approach to improving interdomain-routing security must satisfy two requirements for incremental deployability: backwards compatibility with the existing routing protocol and installed base of routers and incentive compatibility with the desire of each domain to improve its part of the routing system even if other domains have not taken similar steps. We propose an incrementally deployable approach based on a routing control platform (RCP) that makes routing decisions on behalf of the routers in a domain, without requiring changes to the routers or protocols. The RCP runs anomaly-detection algorithms that identify, and avoid, suspicious routes, allowing a domain (or a small group of cooperating domains) to significantly improve interdomain routing security.
Keywords :
Internet; routing protocols; security of data; Internet´s; accidental failure; anomaly-detection algorithms; backwards compatibility; configuration errors; incentive compatibility; incremental deploy; incrementally-deployable security; interdomain routing; malicious attack; routing control platform; routing protocol; Computer security; IEEE news; IP networks; Information security; Internet; National security; Routing protocols; Telecommunication traffic; Terrorism; YouTube; Critical Infrastructure Protection; Security and Trustworthiness; Security of Operational Systems;
Conference_Titel :
Conference For Homeland Security, 2009. CATCH '09. Cybersecurity Applications & Technology
Conference_Location :
Washington, DC
Print_ISBN :
978-0-7695-3568-5
DOI :
10.1109/CATCH.2009.35
