Description
Recent work shows that deployment of RPKI, currently the most important security extension to the inter-domain routing protocols and amendment to Internet operating procedures, is severely obstructed by inaccuracies, errors and outdated records in published ROAs. Measurements proved that deployment of ROA validation in the Internet is almost non-existent, despite the fact that RPKI brings a major improvement in Internet routing security without the need for large-scale and costly hardware upgrades. Attempts to explain the slow adoption of the RPKI mechanism identify fear of disconnecting legitimate networks because of erroneous ROAs as the leading factor. We use NetFlow data from a real network to simulate route origin validation (ROV) and subsequently quantify and analyze the traffic that would have been dropped by ROV enforcement. Moreover, we explore methods to distinguish malicious traffic from legitimate traffic in the stream that would have been lost due to ROV, in order to measure the resulting impact of ROV.
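As an added illustration (not the authors' code or data), the sketch below shows one way such a simulation can be set up: each flow is matched to its best BGP route, the route is classified with the RFC 6811 origin validation rules, and bytes are summed per validation state. All prefixes, AS numbers, flow records and function names are constructed for the example, and it assumes that traffic whose best route is invalid counts as dropped, ignoring any fallback to a covering less-specific route.

```python
import ipaddress
from collections import Counter

# Constructed VRPs (validated ROA payloads): (prefix, maxLength, origin ASN).
VRPS = [
    ("192.0.2.0/24", 24, 64500),
    ("198.51.100.0/24", 24, 64501),
    ("2001:db8::/32", 48, 64502),
]
# Constructed BGP table: announced prefix -> origin ASN.
ROUTES = {
    "192.0.2.0/24": 64500,       # matches its ROA
    "198.51.100.0/25": 64501,    # right AS, but longer than maxLength
    "203.0.113.0/24": 64510,     # no covering ROA
    "2001:db8:1::/48": 64999,    # covered, wrong origin AS
}
# Constructed flow records: (destination address, bytes); the last has no route.
FLOWS = [("192.0.2.10", 5000), ("198.51.100.20", 1200), ("203.0.113.5", 800),
         ("2001:db8:1::1", 3000), ("198.51.100.200", 400)]

def rov_state(prefix, origin, vrps=VRPS):
    """RFC 6811 origin validation: 'valid', 'invalid' or 'notfound'."""
    net = ipaddress.ip_network(prefix)
    covered = False
    for vrp_prefix, max_len, asn in vrps:
        vrp_net = ipaddress.ip_network(vrp_prefix)
        if vrp_net.version != net.version or not net.subnet_of(vrp_net):
            continue                      # this VRP does not cover the route
        covered = True
        if asn == origin and net.prefixlen <= max_len:
            return "valid"                # one matching VRP is enough
    return "invalid" if covered else "notfound"

def lookup(dst, routes=ROUTES):
    """Longest-prefix match of a destination against the BGP table."""
    addr = ipaddress.ip_address(dst)
    nets = [ipaddress.ip_network(p) for p in routes]
    hits = [n for n in nets if addr in n]  # mixed IP versions never match
    return str(max(hits, key=lambda n: n.prefixlen)) if hits else None

def bytes_by_state(flows=FLOWS, routes=ROUTES, vrps=VRPS):
    """Sum flow bytes per ROV state of the route that carries them."""
    totals = Counter()
    for dst, nbytes in flows:
        prefix = lookup(dst, routes)
        state = rov_state(prefix, routes[prefix], vrps) if prefix else "unrouted"
        totals[state] += nbytes
    return dict(totals)
```

The "invalid" total is the traffic an enforcing router would stop forwarding under this assumption; splitting it further into legitimate and malicious flows needs signals beyond the ROV state itself.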