|Shulman, Haya; Vogel, Niklas; Waidner, Michael
|IP prefix hijacks, due to malicious attacks or benign misconfigurations, pose a threat to the Internet's stability and security. RPKI was designed to enable networks to block prefix hijacks by enforcing Route Origin Validation (ROV). In this work we evaluate the effectiveness of the global ROV deployment in blocking prefix hijacks. We perform control-plane and data-plane experiments and provide an in-depth analysis of the collected results. Our analysis is based on new methodologies we developed that allow more accurate identification of ROV enforcing ASes. Our analysis shows that the current ROV enforcement rate is significantly higher than found in previous studies: in contrast to 0.6% in a study from 2021, in our work we find that 37.8% enforce ROV. Our results indicate that ROV has finally gained traction and offers substantial protection against prefix hijacks.
|Conference on Computer and Communications Security 2022