Mitigating Exploits of the Current Interdomain Routing Infrastructure

This material is based on collaborative research supported by the NSF Cyber Trust program through grants CNS-0753061 (transferred from CNS-0716511) and CNS-0753492 (transferred from CNS-0716564). (Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.)

Description

This project addresses fundamental flaws in Internet-routing infrastructure using both theoretical analysis and practical tools. The results not only improve the security of the current Internet, but also advance principles of secure routing design useful for next-generation protocols. The project advocates a different approach than previous work in this area by formally defining comprehensive requirements for protocol security, rather than imposing new technologies to address one or two specific exploits.

The Border Gateway Protocol (BGP) provides best-effort connectivity between the component networks of the Internet, a task called interdomain routing. However, BGP lacks any security mechanism, so accidental router misconfiguration or intentional attacks can have far-reaching effects on network stability and traffic flow. Furthermore, simply adding security mechanisms is insufficient, because BGP also lacks the guarantee that specification-compliant inputs always produce stable routes across the network.

This project addresses these shortcomings through research on various assumptions that guarantee good routing behavior and on methods to verify or enforce these assumptions to prevent deviation from that behavior. We identify and address attacks that have previously been studied as well as new attacks that have not yet received attention in the literature. We target incremental-deployment benefits and computational efficiency as primary desiderata; thus, our solutions can offer incentives for immediate adoption without system-wide changes. Through its educational component, our project introduces students to cross-disciplinary research. This encourages collaboration in research projects and allows development of coursework integrating security, networking, and theory for a timely application domain.

People

Senior Personnel

Graduate Student

Undergraduate Students

Collaborators

Bruno Blanchet, Alex Fabrikant, Joan Feigenbaum, Sharon Goldberg, Shai Halevi, Jesse Rao, Andre Scedrov, Michael Schapira, Joe-Kai Tsay

Preprints and papers

  1. Alex Fabrikant, Aaron D. Jaggard, and Michael Schapira, "On the Structure of Weakly Acyclic Games"
  2. Aaron D. Jaggard, Swara Kopparty, Vijay Ramachandran, and Rebecca N. Wright, "The Design Space of Probing Algorithms for Network-Performance Measurement"
  3. Joan Feigenbaum, Vijay Ramachandran, and Michael Schapira, "Incentive-Compatible Interdomain Routing"
  4. Aaron D. Jaggard, Michael Schapira, and Rebecca N. Wright, "Distributed Computing with Adaptive Heuristics"
  5. Alex Fabrikant, Aaron D. Jaggard, and Michael Schapira, "On the Structure of Weakly Acyclic Games"
  6. Joan Feigenbaum, Aaron D. Jaggard, and Michael Schapira, "Approximate Privacy: Foundations and Quantification (Extended Abstract)"
  7. Bruno Blanchet, Aaron D. Jaggard, Jesse Rao, Andre Scedrov, and Joe-Kai Tsay, "Refining Computationally Sound Mechanized Proofs for Kerberos"
  8. Aaron D. Jaggard, Vijay Ramachandran, and Rebecca N. Wright, "The Impact of Communication Models on Routing-Algorithm Convergence"
  9. Sharon Goldberg, Shai Halevi, Aaron D. Jaggard, Vijay Ramachandran, and Rebecca N. Wright, "Rationality and Traffic Attraction: Incentives for Honest Path Announcements in BGP"
  10. Aaron D. Jaggard, Vijay Ramachandran, and Rebecca N. Wright, "Towards a Realistic Model of Incentives in Interdomain Routing: Decoupling Forwarding from Signaling"
  11. Bruno Blanchet, Aaron D. Jaggard, Andre Scedrov, and Joe-Kai Tsay, "Computationally Sound Mechanized Proofs for Basic and Public-key Kerberos"

Talks

  1. More is Not Better: The Perils of Multiple Solutions
  2. Distributed Computing with Adaptive Heuristics
  3. Asynchronous Distributed Computing with Adaptive Heuristics
  4. Towards a unified approach to (in)decision, with implications for divergence of game dynamics
  5. Refining Computationally Sound Mechanized Proofs for Kerberos
  6. Rationality and Traffic Attraction: Incentives for Honest Path Announcements in BGP
  7. Analyzing Kerberos using CryptoVerif
  8. Towards a Realistic Model of Incentives in Interdomain Routing: Decoupling Forwarding from Signaling

Posters

  1. Approximate Privacy: Foundations and Quantification
  2. A more realistic model of incentives for routing

Wednesday, November 30, 2011 at 21:21