Speaker
Description
Denial of Service (DoS) attacks and route hijacking have
become the most predominant network attacks. To address these threats,
network operators currently rely on mitigation services like Remotely
Triggered Black Hole (RTBH) and Resource Public Key Infrastructure
(RPKI). In this paper, we seek to understand how operators leverage
both of these mechanisms. Using data collected at multiple IXPs we
infer network operators that use RTBH services. We collect RPKI data
for the same set of organizations and determine which of those rely on
both RTBH and RPKI. One-third of the selected operators do not use
any of these services, while most of the ASes that trigger blackholes
also deploy RPKI. Some of these operators employ poor RPKI practices
that make their prefixes vulnerable to attacks. However, most operators
rely on an RTBH-agnostic approach indicating the need to devise an
approach that effectively combines these two mechanisms.
