COLLABORATIVE RESEARCH: CT-ISG: MITIGATING EXPLOITS OF THE CURRENT INTERDOMAIN ROUTING INFRASTRUCTURE

Project Details

Description

0716511Rebecca WrightStevens Institute of Technology0716564Aaron JaggardTulane UniversityCollaborative Research: CT-ISG: Mitigating Exploits of the CurrentInterdomain-Routing InfrastructureThis project addresses fundamental flaws in Internet-routinginfrastructure using both theoretical analysis and practical tools.The results not only improve the security of the current Internet, butalso advance principles of secure routing design useful fornext-generation protocols. The project advocates a different approachthan previous work in this area by formally defining comprehensiverequirements for protocol security, rather than imposing newtechnologies to address one or two specific exploits.The Border Gateway Protocol (BGP) provides best-effort connectivitybetween the component networks of the Internet, a task calledinterdomain routing. However, BGP lacks any security mechanism,allowing accidental router misconfiguration or intentional attacksthat have far-reaching effects on network stability and trafficflow. Furthermore, simply adding security mechanisms is insufficientbecause BGP also lacks the guarantee that specification-compliantinputs always produce stable routes across the network.This project addresses these shortcomings through research on variousassumptions that guarantee good routing behavior and on methods toverify or enforce these assumptions to prevent deviation from thatbehavior. We identify and address attacks that have previously beenstudied as well as new attacks that have not yet received attention inthe literature. We target incremental-deployment benefits andcomputational efficiency as primary desiderata; thus, our solutionscan offer incentives for immediate adoption without system-widechanges. Through its educational component, our project introducesstudents to cross-disciplinary research. This encourages collaborationin research projects and allows development of coursework integratingsecurity, networking, and theory for a timely application domain.
StatusFinished
Effective start/end date8/8/078/31/11

Funding

  • National Science Foundation (National Science Foundation (NSF))

Fingerprint Explore the research topics touched on by this project. These labels are generated based on the underlying awards/grants. Together they form a unique fingerprint.