11-12 June 2018
Orea Hotel Voronez
Europe/Prague timezone

ROV impact simulation & analysis

12 Jun 2018, 15:50
20m
Congress Hall (Orea Hotel Voronez)

Congress Hall

Orea Hotel Voronez

Krizkovskeho 47 603 73 Brno Czech Republic
CSNOG1

Description

Recent work shows that RPKI deployment, currently the most important security extension to the inter-domain routing protocols and amendment of the Internet operation procedures, is severely obstructed by inaccuracies, errors and outdated records in published ROAs. Measurements proved deployment of ROA validation in the Internet is almost non-existing despite the fact that RPKI brings major improvement of Internet routing security without need for large scale and costly hardware upgrades. Attempts to explain reasons that caused slow adoption of the RPKI mechanism describe fear of disconnecting legitimate networks because of erroneous ROA as the leading factor. We utilize NetfFlow data from a real network to simulate ROV and subsequently quantify and analyze traffic that would have been dropped by ROV enforcement. Moreover, we explore methods to distinguish malicious traffic from legitimate one in the stream that would have been lost due to ROV to measure resulting impact of ROV.

Type of Presentation

Primary author

Presentation Materials

Your browser is out of date!

Update your browser to view this website correctly. Update my browser now

×