Bootstrapping accountability in the internet we have

Conference Paper

Lack of accountability makes the Internet vulnerable to numerous attacks, including prefix hijacking, route forgery, source address spoofing, and DoS flooding attacks. This paper aims to bring accountability to the Internet with lowcost and deployable enhancements. We present IPA, a design that uses the readily available toplevel DNSSEC infrastructure and BGP to bootstrap accountability. We show how IPA enables a suite of security modules that can combat various networklayer attacks. Our evaluation shows that IPA introduces modest overhead and is gradually deployable. We also discuss how the design incentivizes early adoption.

Duke Authors

Cited Authors

  • Li, A; Liu, X; Yang, X

Published Date

  • January 1, 2011

Published In

  • Proceedings of Nsdi 2011: 8th Usenix Symposium on Networked Systems Design and Implementation

Start / End Page

  • 155 - 168

Citation Source

  • Scopus