A Survey of BGP Security Issues and Solutions
暂无分享,去创建一个
Patrick D. McDaniel | Jennifer Rexford | Kevin R. B. Butler | Toni R. Farley | J. Rexford | P. Mcdaniel | T. Farley
[1] Brenda S. Baker,et al. Gossips and telephones , 1972, Discret. Math..
[2] Whitfield Diffie,et al. New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.
[3] Adi Shamir,et al. A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.
[4] Ralph C. Merkle,et al. Protocols for Public Key Cryptosystems , 1980, 1980 IEEE Symposium on Security and Privacy.
[5] David L. Mills. Exterior Gateway Protocol formal specification , 1984, RFC.
[6] Radia J. Perlman,et al. Network layer protocols with Byzantine robustness , 1988 .
[7] Charles L. Hedrick,et al. Routing Information Protocol , 1988, RFC.
[8] S. M. Bellovin,et al. Security problems in the TCP/IP protocol suite , 1989, CCRV.
[9] V. Rich. Personal communication , 1989, Nature.
[10] Dave Katz,et al. Application of the Border Gateway Protocol in the Internet , 1990, RFC.
[11] Ross W. Callon,et al. Use of OSI IS-IS for routing in TCP/IP and dual environments , 1990, RFC.
[12] Atsushi Fujioka,et al. ESIGN: An Efficient Digital Signature Implementation for Smard Cards , 1991, EUROCRYPT.
[13] Ronald L. Rivest,et al. The MD5 Message-Digest Algorithm , 1992, RFC.
[14] Walter Willinger,et al. On the Self-Similar Nature of Ethernet Traffic ( extended version ) , 1995 .
[15] Jon Crowcroft,et al. Integrating security in inter-domain routing protocols , 1993, CCRV.
[16] Walter Willinger,et al. On the self-similar nature of Ethernet traffic , 1993, SIGCOMM '93.
[17] John Moy,et al. OSPF Version 2 , 1998, RFC.
[18] James H. Burrows,et al. Secure Hash Standard , 1995 .
[19] Laurent Joncheray,et al. Representation of IP Routing Policies in a Routing Registry (ripe-81++) , 1995, RFC.
[20] B. Briscoe. Internet Engineering Task Force , 1995 .
[21] Randall J. Atkinson,et al. IP Encapsulating Security Payload (ESP) , 1995, RFC.
[22] Paul Traina. Experience with the BGP-4 protocol , 1995, RFC.
[23] Yakov Rekhter,et al. A Border Gateway Protocol 4 (BGP-4) , 1994, RFC.
[24] Steven M. Bellovin,et al. Using the Domain Name System for System Break-ins , 1995, USENIX Security Symposium.
[25] Tony Bates,et al. Guidelines for creation, selection, and registration of an Autonomous System (AS) , 1996, RFC.
[26] J.J. Garcia-Luna-Aceves,et al. Securing the border gateway routing protocol , 1996, Proceedings of GLOBECOM'96. 1996 IEEE Global Telecommunications Conference.
[27] Antoni Przygienda. BGP-4 MD5 Authentication , 1997 .
[28] J. J. Garcia-Luna-Aceves,et al. Securing distance-vector routing protocols , 1997, Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security.
[29] Vern Paxson,et al. Measurements and analysis of end-to-end Internet dynamics , 1997 .
[30] Hugo Krawczyk,et al. HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.
[31] Simon S. Lam,et al. Digital signatures for flows and multicasts , 1998, Proceedings Sixth International Conference on Network Protocols (Cat. No.98TB100256).
[32] Naganand Doraswamy,et al. IP Security Document Roadmap , 1998, RFC.
[33] Enke Chen,et al. Using a Dedicated AS for Sites Homed to a Single Provider , 1998, RFC.
[34] Stephen T. Kent,et al. Security Architecture for the Internet Protocol , 1998, RFC.
[35] Hugo Krawczyk,et al. A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..
[36] John W. Stewart,et al. BGP4 : inter-domain routing in the Internet , 1998 .
[37] Dan Harkins,et al. The Internet Key Exchange (IKE) , 1998, RFC.
[38] Gary Scott Malkin,et al. RIP Version 2 , 1998, RFC.
[39] W. Douglas Maughan,et al. Internet Security Association and Key Management Protocol (ISAKMP) , 1998, RFC.
[40] Kan Zhang,et al. Efficient Protocols for Signing Routing Messages , 1998, NDSS.
[41] J. J. Garcia-Luna-Aceves,et al. Efficient security mechanisms for the border gateway routing protocol , 1998, Comput. Commun..
[42] Andy Heffernan,et al. Protection of BGP Sessions via the TCP MD5 Signature Option , 1998, RFC.
[43] Randy Bush,et al. DNS-based NLRI origin AS verification in BGP , 1998 .
[44] Christopher Allen,et al. The TLS Protocol Version 1.0 , 1999, RFC.
[45] Simon S. Lam,et al. Digital signatures for flows and multicasts , 1999, TNET.
[46] David M. Nicol,et al. Towards Realistic Million-Node Internet Simulation , 1999, PDPTA.
[47] James Cowie Hongbo Liu Jason Liu David Nicol Andy Ogielski. Towards Realistic Million-Node Internet Simulations , 1999 .
[48] Daniel Minoli,et al. Internet Architectures , 1999 .
[49] Mihir Bellare,et al. A Forward-Secure Digital Signature Scheme , 1999, CRYPTO.
[50] Vern Paxson. End-to-end internet packet dynamics , 1999, TNET.
[51] Radia Perlman,et al. Interconnections: Bridges, Routers, Switches, and Internetworking Protocols , 1999 .
[52] Cengiz Alaettinoglu,et al. Routing Policy System Security , 1999, RFC.
[53] Gordon T. Wilfong,et al. An analysis of BGP convergence properties , 1999, SIGCOMM '99.
[54] Lixin Gao,et al. Stable Internet routing without global coordination , 2000, SIGMETRICS '00.
[55] Deborah Estrin,et al. Advances in network simulation , 2000, Computer.
[56] Charles Lynn,et al. Secure Border Gateway Protocol (Secure-BGP) , 2000 .
[57] Bruce Schneier,et al. Ten Risks of PKI , 2004 .
[58] Roger Wattenhofer,et al. Resilience Characteristics of the Internet Backbone Routing Infrastructure , 2000 .
[59] Jie Yun Yu. Scalable Routing Design Principles , 2000, RFC.
[60] Stephen T. Kent,et al. Secure Border Gateway Protocol (S-BGP) , 2000, IEEE Journal on Selected Areas in Communications.
[61] Stephen T. Kent,et al. Secure Border Gateway Protocol (S-BGP) - Real World Performance and Deployment Issues , 2000, NDSS.
[62] M. Bellare,et al. HMAC: Keyed-Hashing for Message Authentication, RFC 2104 , 2000 .
[63] Andrew G. Malis,et al. A Framework for IP Based Virtual Private Networks , 2000, RFC.
[64] Yin Zhang,et al. The Stationarity of Internet Path Properties: Routing, Loss, and Throughput , 2000 .
[65] Moni Naor,et al. Certificate revocation and certificate update , 1998, IEEE Journal on Selected Areas in Communications.
[66] M. Goodrich. Efficient and Secure Network Routing Algorithms , 2001 .
[67] Daniel Massey,et al. Validation of multiple origin ases conflicts through bgp community attribute , 2001 .
[68] Lixin Gao. On inferring autonomous system relationships in the internet , 2001, TNET.
[69] Jennifer Rexford,et al. Stable internet routing without global coordination , 2001, TNET.
[70] Karen Seo,et al. Public-key infrastructure for the Secure Border Gateway Protocol (S-BGP) , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.
[71] Randy Bush,et al. Slowing Routing Table Growth by Filtering Based on Address Allocation Policies , 2001 .
[72] V. D. Stachtos,et al. Sphere : A Binding Model and Middleware for Routing Protocols , 2001 .
[73] Daniel Massey,et al. An analysis of BGP multiple origin AS (MOAS) conflicts , 2001, IMW '01.
[74] Olivier Bonaventure,et al. Understanding the Long-Term Self-Similarity of Internet Traffic , 2001, QofIS.
[75] Geoff Huston. Commentary on Inter-Domain Routing in the Internet , 2001, RFC.
[76] Roger Wattenhofer,et al. The impact of Internet policy and topology on delayed routing convergence , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).
[77] Daniel Massey,et al. Detection of invalid routing announcement in the Internet , 2002, Proceedings International Conference on Dependable Systems and Networks.
[78] Ramesh Govindan,et al. An empirical study of router response to large BGP routing table load , 2002, IMW '02.
[79] Ratul Mahajan,et al. Measuring ISP topologies with rocketfuel , 2002, SIGCOMM 2002.
[80] Daniel Massey,et al. Observation and analysis of BGP behavior under stress , 2002, IMW '02.
[81] Hu Chunzhe. BGP Sessions Protection via MD5 Authentication , 2002 .
[82] Chin-Tser Huang,et al. Hop integrity in computer networks , 2002, TNET.
[83] Ratul Mahajan,et al. Understanding BGP misconfiguration , 2002, SIGCOMM 2002.
[84] Bert Wijnen,et al. An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks , 2002, RFC.
[85] Randy H. Katz,et al. Characterizing the Internet hierarchy from multiple vantage points , 2002, Proceedings.Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies.
[86] Daniel Massey,et al. Protecting BGP Routes to Top-Level DNS Servers , 2003, IEEE Trans. Parallel Distributed Syst..
[87] Eric Rescorla,et al. Guidelines for Writing RFC Text on Security Considerations , 2003, RFC.
[88] Steven M. Bellovin,et al. Using Link Cuts to Attack Internet Routing , 2003 .
[89] Sean W. Smith,et al. Efficient Security for BGP Route Announcements , 2003 .
[90] G. Manimaran,et al. An efficient algorithm for malicious update detection & recovery in distance vector protocols , 2003, IEEE International Conference on Communications, 2003. ICC '03..
[91] Deployment Considerations for Secure Origin BGP (soBGP) , 2003 .
[92] Daniel R. Simon,et al. Secure traceroute to detect faulty or malicious routing , 2003, CCRV.
[93] Sean Convery,et al. An Attack Tree for the Border Gateway Protocol , 2003 .
[94] Yih-Chun Hu. Efficient Security Mechanisms for Routing Protocols , 2003 .
[95] Tal Malkin,et al. On the performance, feasibility, and use of forward-secure signatures , 2003, CCS '03.
[96] Jia Wang,et al. Towards an accurate AS-level traceroute tool , 2003, SIGCOMM '03.
[97] Patrick D. McDaniel,et al. Working around BGP: An Incremental Approach to Improving Security and Accuracy in Interdomain Routing , 2003, NDSS.
[98] Pavlin Radoslavov,et al. A framework for incremental deployment strategies for router-assisted services , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).
[99] S. Gorman,et al. Least Effort Strategies for Cybersecurity , 2003, cond-mat/0306002.
[100] Stephen T. Kent,et al. Securing the Border Gateway Protocol: A Status Update , 2003, Communications and Multimedia Security.
[101] Christopher Krügel,et al. Topology-Based Detection of Anomalous BGP Messages , 2003, RAID.
[102] Daniel Massey,et al. Protecting BGP routes to top level DNS servers , 2003, 23rd International Conference on Distributed Computing Systems, 2003. Proceedings..
[103] L. Wood,et al. From the Authors , 2003, European Respiratory Journal.
[104] Yih-Chun Hu,et al. Efficient Security Mechanisms for Routing Protocolsa , 2003, NDSS.
[105] W. Li. Inter-Domain Routing : Problems and Solutions , 2003 .
[106] Patrick D. McDaniel,et al. Origin authentication in interdomain routing , 2003, CCS '03.
[107] Hovav Shacham,et al. Aggregate and Verifiably Encrypted Signatures from Bilinear Maps , 2003, EUROCRYPT.
[108] Nick Feamster,et al. Measuring the effects of internet path faults on reactive routing , 2003, SIGMETRICS '03.
[109] Xu Mei. Internet Key Exchange , 2003 .
[110] Nick Feamster,et al. BorderGuard: detecting cold potatoes from peers , 2004, IMC '04.
[111] David Meyer,et al. The Generalized TTL Security Mechanism (GTSM) , 2004, RFC.
[112] Sean W. Smith,et al. Evaluation of efficient security for BGP route announcements using parallel simulation , 2004, Simul. Model. Pract. Theory.
[113] Daniel Massey,et al. A framework for resilient Internet routing protocols , 2004, IEEE Network.
[114] D. Boneh,et al. Short Signatures from the Weil Pairing , 2001, Journal of Cryptology.
[115] Ian F. Blake,et al. On the complexity of the discrete logarithm and Diffie-Hellman problems , 2004, J. Complex..
[116] Hovav Shacham,et al. Short Signatures from the Weil Pairing , 2001, J. Cryptol..
[117] A. Perrig,et al. SPV: secure path vector routing for securing BGP , 2004, SIGCOMM '04.
[118] Hisashi Kobayashi,et al. Highly secure and efficient routing , 2004, IEEE INFOCOM 2004.
[119] Volker Roth,et al. Listen and whisper: security mechanisms for BGP , 2004 .
[120] Chris Lonvick,et al. RADIUS Attributes for soBGP Support , 2004 .
[121] Peter Reiher,et al. A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.
[122] Joseph Kee-yin Ng,et al. Extensions to BGP to Support Secure Origin BGP , 2004 .
[123] Constantinos Dovrolis,et al. Beware of BGP attacks , 2004, CCRV.
[124] Vijay Gill. Lack of Priority Queuing Considered Harmful , 2004, ACM Queue.
[125] Yih-Chun Hu,et al. SPV: secure path vector routing for securing BGP , 2004, SIGCOMM 2004.
[126] S. Kent. IP Authentication Header , 1995, RFC.
[127] Olivier Bonaventure,et al. Open issues in interdomain routing: a survey , 2005, IEEE Network.
[128] Geoff Huston,et al. BGP Wedgies , 2005, RFC.
[129] Florent Parent,et al. Routing Policy Specification Language next generation (RPSLng) , 2005, RFC.
[130] Jennifer Rexford,et al. BGP routing policies in ISP networks , 2005, IEEE Network.
[131] Sean W. Smith,et al. Evaluating the Performance Impact of PKI on BGP Security , 2005 .
[132] Sean W. Smith,et al. The performance impact of BGP security , 2005, IEEE Network.
[133] Silvio Micali,et al. On-line/off-line digital signatures , 1996, Journal of Cryptology.
[134] Sean W. Smith,et al. Aggregated path authentication for efficient BGP security , 2005, CCS '05.
[135] Ajoy Kumar Datta,et al. Stabilizing inter-domain routing in the Internet , 2005, J. High Speed Networks.
[136] C. Kaufman. Internet Key Exchange (IKEv2) Protocol", RFC 4306 , 2005 .
[137] Charlie Kaufman,et al. Internet Key Exchange (IKEv2) Protocol , 2005, RFC.
[138] Jennifer Rexford,et al. Don't Secure Routing Protocols, Secure Data Delivery , 2006, HotNets.
[139] Patrick D. McDaniel,et al. Optimizing BGP security by exploiting path stability , 2006, CCS '06.
[140] Susan Hares,et al. A Border Gateway Protocol 4 (BGP-4) , 1994, RFC.
[141] Dongho Kim,et al. Experience with DETER: a testbed for security research , 2006, 2nd International Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities, 2006. TRIDENTCOM 2006..
[142] Adrian Perrig,et al. Modeling adoptability of secure BGP protocol , 2006, SIGCOMM 2006.
[143] Eric Rescorla,et al. The Transport Layer Security (TLS) Protocol Version 1.1 , 2006, RFC.
[144] Vern Paxson. End-to-end routing behavior in the internet , 2006, Comput. Commun. Rev..
[145] Adrian Perrig,et al. Modeling adoptability of secure BGP protocols , 2006, SIGMETRICS '06/Performance '06.
[146] Jennifer Rexford,et al. Pretty Good BGP: Improving BGP by Cautiously Adopting Routes , 2006, Proceedings of the 2006 IEEE International Conference on Network Protocols.
[147] K. Schwalm. National Strategy to Secure Cyberspace , 2006 .
[148] Patrick D. McDaniel,et al. Origin authentication in interdomain routing , 2006, Comput. Networks.
[149] Yi Yang,et al. Generic Threats to Routing Protocols , 2006, RFC.
[150] Nick Feamster,et al. Understanding the network-level behavior of spammers , 2006, SIGCOMM.
[151] Sandra L. Murphy,et al. BGP Security Vulnerabilities Analysis , 2006, RFC.
[152] Daniel Massey,et al. PHAS: A Prefix Hijack Alert System , 2006, USENIX Security Symposium.
[153] Nick Feamster,et al. Understanding the network-level behavior of spammers , 2006, SIGCOMM 2006.
[154] Russ White. Architecture and Deployment Considerations for Secure Origin BGP (soBGP) , 2006 .
[155] Zhuoqing Morley Mao,et al. Accurate Real-time Identification of IP Prefix Hijacking , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).
[156] Dave Katz,et al. Multiprotocol Extensions for BGP-4 , 1998, RFC.
[157] Evangelos Kranakis,et al. On interdomain routing security and pretty secure BGP (psBGP) , 2007, TSEC.
[158] Paul Francis,et al. A study of prefix hijacking and interception in the internet , 2007, SIGCOMM 2007.
[159] Dmitri V. Krioukov,et al. AS relationships: inference and validation , 2006, CCRV.
[160] Vitaly Shmatikov,et al. Truth in advertising: lightweight verification of route integrity , 2007, PODC '07.
[161] M. Kaeo. Current Operational Security Practices in Internet Service Provider Environments , 2007 .
[162] Wesley M. Eddy,et al. TCP SYN Flooding Attacks and Common Mitigations , 2007, RFC.
[163] Bruce M. Maggs,et al. On the impact of route monitor selection , 2007, IMC '07.
[164] Saurabh Panjwani,et al. Analysis of the SPV secure routing protocol: weaknesses and lessons , 2007, CCRV.
[165] Ioannis C. Avramopoulos,et al. How Small Groups Can Secure Interdomain Routing , 2007 .
[166] Jennifer Rexford,et al. Autonomous security for autonomous systems , 2008, Comput. Networks.
[167] Tim Dierks,et al. The Transport Layer Security (TLS) Protocol Version 1.2 , 2008 .
[168] Sharon Goldberg,et al. Rationality and traffic attraction: incentives for honest path announcements in bgp , 2008, SIGCOMM '08.
[169] Biswanath Mukherjee,et al. A survey of security techniques for the border gateway protocol (BGP) , 2009, IEEE Communications Surveys & Tutorials.
[170] Geoff Huston,et al. Validation of Route Origination in BGP using the Resource Certificate PKI , 2009 .
[171] Joseph D. Touch,et al. The TCP Authentication Option , 2010, RFC.
[172] Simon Josefsson,et al. Internet Engineering Task Force (ietf) Using Kerberos Version 5 over the Transport Layer Security (tls) Protocol , 2011 .
[173] Stephen T. Kent,et al. A Profile for Route Origin Authorizations (ROAs) , 2012, RFC.
[174] Stephen T. Kent,et al. An Infrastructure to Support Secure Internet Routing , 2012, RFC.