Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Practical experience: Methodologies for measuring route origin validation

: Hlavacek, Tomas; Herzberg, Amir; Shulman, Haya; Waidner, Michael


Institute of Electrical and Electronics Engineers -IEEE-; IEEE Computer Society:
48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2018. Proceedings : 25-28 June 2018, Luxembourg City, Luxembourg
Los Alamitos, Calif.: IEEE Computer Society Conference Publishing Services (CPS), 2018
ISBN: 978-1-5386-5596-2
ISBN: 978-1-5386-5595-5
ISBN: 978-1-5386-5597-9
International Conference on Dependable Systems and Networks (DSN) <48, 2018, Luxembourg>
Conference Paper
Fraunhofer SIT ()
routing; IP network; autonomous system; authorization; internet security; RPKI; Route Origin Validation; ROV; controlled experiment; BGP

Performing Route Origin Validation (ROV) to filter BGP announcements, which contradict Route Origin Authorizations (ROAs) is critical for protection against BGP prefix hijacks. Recent works quantified ROV enforcing Autonomous Systems (ASes) using controlplane experiments. In this work we show that control-plane experiments do not provide accurate information about ROVenforcing ASes. We devise data-plane approaches for evaluating ROV in the Internet and perform both control and data-plane experiments using different data acquisition sources. We analyze and correlate the results of our study to identify the number of ASes enforcing ROV, and hence protected with RPKI. We perform simulations with the ROV-enforcing ASes that we identified, and find that their impact on the Inter net security against prefix hijacks is negligible. As a countermeasure we provide recommendations how to cope with the main factor hindering wide adoption of ROV.