Bootstrapping accountability in the internet we have
Lack of accountability makes the Internet vulnerable to numerous attacks, including prefix hijacking, route forgery, source address spoofing, and DoS flooding attacks. This paper aims to bring accountability to the Internet with lowcost and deployable enhancements. We present IPA, a design that uses the readily available toplevel DNSSEC infrastructure and BGP to bootstrap accountability. We show how IPA enables a suite of security modules that can combat various networklayer attacks. Our evaluation shows that IPA introduces modest overhead and is gradually deployable. We also discuss how the design incentivizes early adoption.
Proceedings of Nsdi 2011: 8th Usenix Symposium on Networked Systems Design and Implementation
Start / End Page