Collaborative Research: Ct-Isg: Mitigating Exploits Of The Current Interdomain Routing Infrastructure

Project Details

Description

0716511 Rebecca Wright Stevens Institute of Technology 0716564 Aaron Jaggard Tulane University Collaborative Research: CT-ISG: Mitigating Exploits of the Current Interdomain-Routing Infrastructure This project addresses fundamental flaws in Internet-routing infrastructure using both theoretical analysis and practical tools. The results not only improve the security of the current Internet, but also advance principles of secure routing design useful for next-generation protocols. The project advocates a different approach than previous work in this area by formally defining comprehensive requirements for protocol security, rather than imposing new technologies to address one or two specific exploits. The Border Gateway Protocol (BGP) provides best-effort connectivity between the component networks of the Internet, a task called interdomain routing. However, BGP lacks any security mechanism, allowing accidental router misconfiguration or intentional attacks that have far-reaching effects on network stability and traffic flow. Furthermore, simply adding security mechanisms is insufficient because BGP also lacks the guarantee that specification-compliant inputs always produce stable routes across the network. This project addresses these shortcomings through research on various assumptions that guarantee good routing behavior and on methods to verify or enforce these assumptions to prevent deviation from that behavior. We identify and address attacks that have previously been studied as well as new attacks that have not yet received attention in the literature. We target incremental-deployment benefits and computational efficiency as primary desiderata; thus, our solutions can offer incentives for immediate adoption without system-wide changes. Through its educational component, our project introduces students to cross-disciplinary research. This encourages collaboration in research projects and allows development of coursework integrating security, networking, and theory for a timely application domain.
StatusFinished
Effective start/end date8/8/078/31/11

Funding

  • National Science Foundation (NSF)

Fingerprint Explore the research topics touched on by this project. These labels are generated based on the underlying awards/grants. Together they form a unique fingerprint.