Abstract
BGP, the de facto inter-domain routing protocol, was designed without considering security. Recently, network operators have experienced hijacks of their network prefixes, often due to BGP misconfiguration by other operators, sometimes maliciously. To address this, prefix origin validation, based on an RPKI infrastructure, was proposed and developed. Today, many organizations are registering their data in the RPKI to protect their prefixes from accidental mis-origination. However, some organizations submit incorrect information to the RPKI repositories or announce prefixes that do not exactly match what they registered. Also, the RPKI repositories of Internet registries are not operationally reliable. The aim of this work is to reveal these problems via measurement. We show how important they are, try to understand the main causes of errors, and explore possible solutions. In this longitudinal study, we see the impact that a policy of discarding route announcements with invalid origins would have on the routing table, and to a lesser extent on the traffic at the edge of a large research network.
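The two error cases named in the abstract (an announcement that does not exactly match what was registered, and a wrong registered origin) and the drop-invalid policy, as an added example that is not code from the paper. It classifies announcements with the RFC 6811 origin validation rules; the prefixes, AS numbers and function names are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample data (documentation prefixes and private-use ASNs).
# Each ROA entry: (prefix, maxLength, authorised origin AS).
ROAS = [
    ("192.0.2.0/24", 24, 64500),
    ("198.51.100.0/24", 24, 64501),
    ("2001:db8::/32", 48, 64502),
]
# Each announcement: (prefix, origin AS taken from the end of the AS path).
ANNOUNCEMENTS = [
    ("192.0.2.0/24", 64500),      # matches the ROA exactly
    ("192.0.2.128/25", 64500),    # right origin, but longer than maxLength
    ("198.51.100.0/24", 64511),   # covered, but wrong origin AS
    ("2001:db8:1::/48", 64502),   # more specific, still within maxLength
    ("203.0.113.0/24", 64503),    # no covering ROA at all
]

def validate(prefix, origin, roas=ROAS):
    """Return 'valid', 'invalid' or 'notfound' following RFC 6811."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for roa_prefix, max_len, roa_as in roas:
        roa_net = ipaddress.ip_network(roa_prefix)
        # A ROA covers the route if the route is equal to or inside its prefix.
        if roa_net.version != route.version or not route.subnet_of(roa_net):
            continue
        covered = True
        # AS 0 in a ROA never matches any origin.
        if roa_as != 0 and origin == roa_as and route.prefixlen <= max_len:
            return "valid"
    return "invalid" if covered else "notfound"

def apply_drop_invalid(announcements, roas=ROAS):
    """Return (routes kept by a drop-invalid policy, count per state)."""
    kept, states = [], Counter()
    for prefix, origin in announcements:
        state = validate(prefix, origin, roas)
        states[state] += 1
        if state != "invalid":
            kept.append((prefix, origin))
    return kept, states

if __name__ == "__main__":
    kept, states = apply_drop_invalid(ANNOUNCEMENTS)
    print(dict(states), kept)
```

The /25 announced by the registered origin is dropped just like the wrong-origin route, which is how a registration that does not match what is actually announced removes the holder's own routes under a drop-invalid policy.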
Acknowledgments
We thank the operator of the large American research network for setting up the collection of the traffic statistics. Rob Austein was a great help toward understanding the mechanics of the RPKI infrastructure and the different events we observed.
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Iamartino, D., Pelsser, C., Bush, R. (2015). Measuring BGP Route Origin Registration and Validation. In: Mirkovic, J., Liu, Y. (eds) Passive and Active Measurement. PAM 2015. Lecture Notes in Computer Science(), vol 8995. Springer, Cham. https://doi.org/10.1007/978-3-319-15509-8_3
DOI: https://doi.org/10.1007/978-3-319-15509-8_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-15508-1
Online ISBN: 978-3-319-15509-8
eBook Packages: Computer Science, Computer Science (R0)