Can ten or a hundred compromised BGP routers create Internet-wide instability? How how can we protect against it? BGP routing problems are hard to study, for the following reasons: (a) a lack of complete and accurate BGP topology, (b) difficulty in simulating with regards to computational complexity and accuracy, and (c) difficulty of deploying new tools to improve the BGP security.

The goal of this project is exactly to address the above issues, and specifically to measure, model and guard against BGP routing problems. The overarching vision is to provide the foundation for not only improving the current BGP, but also for providing new insight and guidelines for the design of novel inter-domain routing approaches.

The work focuses on three related research tasks. In the first task, the work will develop and maintain a relatively complete and accurate BGP topology as an ongoing effort and to generate small realistic topologies for simulations purposes, with provable topological properties. In the second task, the project will use and extend epidemic spreading techniques to model the network-wide propagation of BGP instability. In the third task, the project will develop a comprehensive reactive framework to detect erroneous BGP updates, which could be readily deployed today.

Broader Impact. This work is an important step towards a more robust Internet. It is widely feared that the next generation of cyber-attacks could target the control plane. However, even today, BGP routing has its share of vulnerabilities and problems which cost millions of dollars in service disruption.

Agency
National Science Foundation (NSF)
Institute
Division of Computer and Network Systems (CNS)
Application #
0721889
Program Officer
Darleen L. Fisher
Project Start
Project End
Budget Start
2007-08-01
Budget End
2011-07-31
Support Year
Fiscal Year
2007
Total Cost
$245,002
Indirect Cost
Name
University of California Riverside
Department
Type
DUNS #
City
Riverside
State
CA
Country
United States
Zip Code
92521