Journal: ACM Transactions on Internet Technology

Comparing Ingress and Egress Detection to Secure Interdomain Routing: An Experimental Analysis


Abstract

The global economy and society increasingly depend on computer networks linked together by the Internet. The importance of computer networks reaches far beyond the telecommunications sector, since they have become a critical factor for many other crucial infrastructures and markets. With threats mounting and security incidents becoming more frequent, concerns about network security grow. It is an acknowledged fact that some of the most fundamental network protocols that make the Internet work are exposed to serious threats. One of them is the Border Gateway Protocol (BGP), which determines how Internet traffic is routed through the topology of administratively independent networks that the Internet is comprised of. Despite the existence of a steadily growing number of BGP security proposals, to date none of them has been adopted. Using a precise definition of BGP robustness, we experimentally show that the degree of robustness is distributed unequally across the administrative domains of the Internet, the so-called Autonomous Systems (ASes). The experiments confirm the intuition that the contribution ASes are able to make towards securing the correct working of the inter-domain routing infrastructure by deploying countermeasures against routing attacks differs depending on their position in the AS topology. We also show that the degree of this asymmetry can be controlled by the choice of the security strategy. We compare the strengths and weaknesses of two fundamentally different approaches to increasing BGP's robustness, which we termed ingress and egress detection of false route advertisements, and indicate their implications. Our quantitative results have important implications for Internet security policy, in particular with respect to the crucial question of where to start the deployment of which type of security scheme in order to maximize the Internet's robustness to routing attacks.