Abstract
This paper presents the design and data-driven overhead analysis of PrefiSec, a distributed framework that helps collaborating organizations to effectively maintain and share network information in the fight against miscreants. PrefiSec is a novel distributed IP-prefix-based solution, which maintains information about the activities associated with IP prefixes (blocks of IP addresses) and autonomous systems (AS) and enables efficient sharing of this information between participants. Within PrefiSec, we design and evaluate simple and scalable mechanisms that help to protect against prefix/subprefix attacks and interception attacks, and enable sharing of prefix related information related to a wide range of edge-based attacks, such as spamming and scanning. We also include an evaluation of which ASes need to collaborate, to what extent the size and locality of ASes matter, and how many ASes are needed to achieve good efficiency in detecting anomalous route announcements. Public wide-area BGP-announcements, traceroutes, and simulations are used to estimate the overhead, scalability, and alert rates. Our results show that PrefiSec helps improve system security, and can scale to large systems.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
