Charla: A Comprehensive Approach to Secure Internet Routing
Cecilia Testart (PhD candidate in Electrical Engineering and Computer Science at MIT)
Abstract: The Border Gateway Protocol (BGP) –the de-facto standard inter-domain routing protocol of the Internet– lacks basic security mechanisms to authenticate and validate route information. As a result, BGP hijacks remain an acute problem in today’s Internet, with widespread consequences. The decentralized nature of the Internet, diversity of networks and skewed incentives make it challenging to improve BGP security. In addition, there is little empirical data to assess the severity hijacks and evaluate the benefits of increasing BGP security.
In this talk I will present data-driven analysis to raise awareness, nudge networks to take action and improve routing security, tackling questions such as:
- How significant is the BGP hijacking problem?
- What are the benefits of emerging approaches?
- What is an operationally actionable path forward?
Based on publicly available empirical data, this work shows how BGP currently allows for routinely executed, in-the-open, forms of abuse, and how that same data can be used to assess network-wide BGP behavior, as new data for network reputation scoring systems, and to measure the current benefit of emergent security approaches such as the RPKI.
Bio: Cecilia is a PhD candidate in Electrical Engineering and Computer Science at MIT. She is part of the Advanced Network Architecture
group and the Internet Policy Research Initiative, working under the supervision of David D. Clark. Her doctoral research focuses on securing the Internet’s core routing protocols taking a comprehensive perspective, considering both technical as well as policy challenges to improve the current state-of-the-art, and leveraging empirical data-driven approaches to understand the impact of vulnerabilities and benefits of security. Cecilia holds Engineering Degrees from
Universidad de Chile and Ecole Centrale Paris. She also holds a dual-master degree in Technology and Policy (TPP) and Electrical Engineering and Computer Science (EECS) from MIT. She has interned at MSR and the OECD and prior to joining MIT, she worked at NICChile Research Labs and Inria Chile.