12–14 Mar 2024
Lord Charles Hotel
Africa/Johannesburg timezone

A tale of two synergies: Uncovering RPKI practices for RTBH at IXPs

Not scheduled
+27.218797000 (Lord Charles Hotel)


Lord Charles Hotel

Corner Main Road (M9) & Broadway Boulevard, R44, Somerset West, Cape Town, 7130
Technical Plenary


Amreesh Phokeer (Internet Society)


Denial of Service (DoS) attacks and route hijacking have
become the most predominant network attacks. To address these threats,
network operators currently rely on mitigation services like Remotely
Triggered Black Hole (RTBH) and Resource Public Key Infrastructure
(RPKI). In this paper, we seek to understand how operators leverage
both of these mechanisms. Using data collected at multiple IXPs we
infer network operators that use RTBH services. We collect RPKI data
for the same set of organizations and determine which of those rely on
both RTBH and RPKI. One-third of the selected operators do not use
any of these services, while most of the ASes that trigger blackholes
also deploy RPKI. Some of these operators employ poor RPKI practices
that make their prefixes vulnerable to attacks. However, most operators
rely on an RTBH-agnostic approach indicating the need to devise an
approach that effectively combines these two mechanisms.

Primary author

Amreesh Phokeer (Internet Society)

Presentation materials

There are no materials yet.