CS 244 ’20: A Reproduction of “Jumpstarting BGP Security with Path-End Validation”


A Reproduction of “Jumpstarting BGP Security with Path-End Validation”

In this paper, we reproduce the results of the path-end validation paper by simulating route advertisement across the BGP system under varying degrees of path-end validation deployment and with various route acceptance criteria. While the attacker success metrics we find are smaller in the absolute sense than those presented in the path-end validation paper, the relative success of different BGP security schemes in partial deployment is preserved. We then attempt to recreate the path-end validation paper’s results with data from real-world attacks, finding an improvement from path-end validation which, while not as dramatic as that claimed by the

original authors, supports the idea that path-end validation can significantly decrease an attacker’s success rate even in very limited deployment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s