Optimizing BGP security by exploiting path stability

Kevin Butler, Patrick McDaniel, William Aiello

Research output: Contribution to journalConference articlepeer-review

62 Scopus citations


The Border Gateway Protocol (BGP) is the de facto interdomain routing protocol on the Internet. While the serious vulnerabilities of BGP are well known, no security solution has been widely deployed. The lack of adoption is largely caused by a failure to find a balance between deployability, cost, and security. In this paper, we consider the design and performance of BGP path authentication constructions that limit resource costs by exploiting route stability. Based on a year-long study of BGP traffic and indirectly supported by findings within the networking community, we observe that routing paths are highly stable. This observation leads to comprehensive and efficient constructions for path authentication. We empirically analyze the resource consumption of the proposed constructions via trace-based simulations. This latter study indicates that our constructions can reduce validation costs by as much as 97.3% over existing proposals while requiring nominal storage resources. We conclude by considering operational issues related to incremental deployment of our solution.

Original languageEnglish (US)
Article number1180442
Pages (from-to)298-310
Number of pages13
JournalProceedings of the ACM Conference on Computer and Communications Security
StatePublished - 2006
EventCCS 2006: 13th ACM Conference on Computer and Communications Security - Alexandria, VA, United States
Duration: Oct 30 2006Nov 3 2006

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications


Dive into the research topics of 'Optimizing BGP security by exploiting path stability'. Together they form a unique fingerprint.

Cite this