Jun 11 – 12, 2018
Orea Hotel Voronez
Europe/Prague timezone

ROV impact simulation & analysis

Jun 12, 2018, 3:50 PM
Congress Hall (Orea Hotel Voronez)

Congress Hall

Orea Hotel Voronez

Krizkovskeho 47 603 73 Brno Czech Republic


Recent work shows that RPKI deployment, currently the most important security extension to the inter-domain routing protocols and amendment of the Internet operation procedures, is severely obstructed by inaccuracies, errors and outdated records in published ROAs. Measurements proved deployment of ROA validation in the Internet is almost non-existing despite the fact that RPKI brings major improvement of Internet routing security without need for large scale and costly hardware upgrades. Attempts to explain reasons that caused slow adoption of the RPKI mechanism describe fear of disconnecting legitimate networks because of erroneous ROA as the leading factor. We utilize NetfFlow data from a real network to simulate ROV and subsequently quantify and analyze traffic that would have been dropped by ROV enforcement. Moreover, we explore methods to distinguish malicious traffic from legitimate one in the stream that would have been lost due to ROV to measure resulting impact of ROV.

Type of Presentation

Primary author

Presentation materials