An Experimental Framework for BGP Securuty Evaluation


Internet routing is based on implicit trust assumptions. Given the critical importance of the Internet and the increasing security threats, such simple trust relationships are no longer sufficient. Over the past decade, significant research has been devoted to securing the Internet routing system. The Internet Engineering Task Force (IETF) is well along in the process of standardizing routing security enhancements (Secure Inter-Domain Routing — SIDR, Keying and Authentication for Routing Protocols — KARP, etc.). However, the research challenges are not over: not only do these new protocols need to be tested for protocol conformance and interoperability, they also need to be evaluated both for their security properties and scaling performance. The purpose of this paper is two-fold: we outline the main security challenges in inter-domain routing and argue that research in this area has barely begun; and we take a closer look at a production implementation of one component and evaluate it at a fairly large scale. We discuss the difficulties we experienced and lessons learned; we also present some initial results.


networks, network performance evaluation, network measurement, protocaol testing and verification, routing protocols, network simulations, logical/virtual topologies

Date of this Version



it-Information Technology (Journal), Vol. 55, Issue 4, pp 131-168