Die Lecture wird hybrid durchgeführt.
Veranstaltungsort für die Präsenzveranstaltung ist:
TU Darmstadt | Physik Hörsaal Uhrturm (S2|08) | Hochschulstraße 4 | 64289 Darmstadt

Online wird das Event über MS Teams durchgeführt.

Bei einer Präsenzteilnahme besteht die Möglichkeit, sich nach dem Vortrag persönlich mit den wichtigsten Akteuren der Cybersicherheit zu treffen und auszutauschen.

Zur Anmeldung

Abstract

We present BGP-iSec, an enhancement of the BGPsec protocol for securing BGP, the Internet’s inter-domain routing protocol. BGP-iSec ensures additional and stronger security properties, compared to BGPsec, without significant extra overhead. The main improvements are: (i) Security for partial adoption: BGP-iSec provides significant security benefits for early adopters, in contrast to BGPsec, which requires universal adoption. (ii) Defense against route leakage: BGP-iSec defends against route leakage, a common cause of misrouting that is not prevented by BGPsec. (iii) Integrity of attributes: BGP-iSec ensures the integrity of integrity-protected attributes, thereby preventing announcement manipulation attacks not prevented by BGPsec. We argue that BGP-iSec achieves these goals using extensive simulations as well as security analysis. The BGP-iSec design conforms, where possible, with the BGPsec design, modifying it only where necessary to improve security or ease deployment. By providing stronger security guarantees, especially for partial adoption, we hope BGP-iSec will be a step towards finally protecting interdomain routing, which remains, for many years, a vulnerability of the Internet’s infrastructure.

Joint work with Cameron Morris, Bing Wang and Samuel Secondo