DOI: 10.1145/1180405.1180442

Optimizing BGP security by exploiting path stability

Published: 30 October 2006

ABSTRACT

The Border Gateway Protocol (BGP) is the de facto interdomain routing protocol on the Internet. While the serious vulnerabilities of BGP are well known, no security solution has been widely deployed. The lack of adoption is largely caused by a failure to find a balance between deployability, cost, and security. In this paper, we consider the design and performance of BGP path authentication constructions that limit resource costs by exploiting route stability. Based on a year-long study of BGP traffic and indirectly supported by findings within the networking community, we observe that routing paths are highly stable. This observation leads to comprehensive and efficient constructions for path authentication. We empirically analyze the resource consumption of the proposed constructions via trace-based simulations. This latter study indicates that our constructions can reduce validation costs by as much as 97.3% over existing proposals while requiring nominal storage resources. We conclude by considering operational issues related to incremental deployment of our solution.


Published in

CCS '06: Proceedings of the 13th ACM conference on Computer and communications security
October 2006
434 pages
ISBN: 1595935185
DOI: 10.1145/1180405

Copyright © 2006 ACM


Publisher: Association for Computing Machinery, New York, NY, United States
