01.03.15 - 04.03.15, Seminar 15102

Secure Routing for Future Communication Networks

Diese Seminarbeschreibung wurde vor dem Seminar auf unseren Webseiten veröffentlicht und bei der Einladung zum Seminar verwendet.

Motivation

Routing is a fundamental mechanism in communication networks, and its security is critical to ensure availability and to prevent attacks; however, developing and deploying secure routing mechanisms is still a challenge. Routing is the process by which information is passed via the communication network, from source to destination, via a series of intermediary nodes/routers. Routing attacks include route-hijacking, i.e., diverting traffic to an adversary-controlled router, and denial-of-service attacks exploiting the routing mechanism, i.e., preventing communication (in parts or the entire network), e.g., by malicious dropping of packets by a router.

Routing, and even more secure routing, are complex problems with many variants. In particular, the Internet is a federation of many domains (usually referred to as autonomous systems (ASes)), each managed by a separate organization; there are separate standard protocols for routing inside an AS (intra-domain routing) and for routing from a source in one AS to a destination in a different AS (inter-domain routing). Significant efforts are dedicated to securing intra-domain routing protocols and inter-domain routing protocols; in addition, significant efforts are also dedicated to the design of completely new Internet architectures that include secure routing mechanisms.

Another categorization of routing mechanisms and challenges involves mobility. Many routing protocols, including standard Internet routing, are designed for mostly static topology, where connections between routers are relatively stable. However, communication is increasingly applied between mobile devices. There are many efforts and challenges in the design of (secure) routing mechanisms for highly mobile networks, e.g., between tiny wireless sensors, swarms of tiny robots, or simply mobile users (e.g., upon catastrophic failure to regular infrastructure).

There is also a need to re-evaluate and possibly re-design routing mechanisms and security measures, to address changes in the way the Internet is used and new security challenges. In particular, is there a need to adapt routing to facilitate, and/or take advantage of, cloud services, and to support security for them? Is there a need to adapt routing to the increased threat of Denial-of-Service attacks, or to facilitate widespread provision of Quality-of-Service? Should routing be modified to take into account energy considerations, or to take advantage of and facilitate Software De-fined Networking (SDN)? If modifications are made for these goals, how does this affect routing systems’ attack surface? Finally, is there a need to modify routing and its security mechanisms, as a result of the recent revelations regarding the scope of abuse of routing by powerful nation-state adversaries?

In summary, to advance routing security in the aforementioned topic areas, a number of significant research problems need to be addressed, which is the goal of this seminar. The first objective is to facilitate brainstorming and exchange of ideas among experts working in different areas and types of secure networking, leading to an improved understanding of the different aspects of secure routing. The second objective is to identify the most important research challenges and to devise a roadmap towards addressing urgent issues. Through the seminar, we are hoping to open up new avenues of research in the area of routing security. For the given focus areas of the seminar, we aim to contribute to the following key research challenges:

  • Routing Security by Design for a Future Internet: the challenge is to overcome the limitations and confined models imposed by today’s Internet. Both clean slate as well as evolutionary approaches towards a secure-by-design future Internet shall be discussed.
  • Inter-domain Routing Security and Intra-domain Routing Security: challenges to be addressed in inter-domain routing are the reconciliation of potentially conflicting security interests across multiple domains and resilience against recently published attacks. Intra-domain routing is underrepresented in research; here, the seminar aims at identifying the key research challenges towards a research roadmap.
  • Routing Security in Mobile/Wireless Networks, and in Delay- and Disruption-tolerant Networks: the main challenge to be addressed in the seminar is to identify possible ways to provide routing security in light of the severely limited resources and special characteristics of mobile and wireless systems.
  • Anonymous and Privacy-preserving Routing: the challenge to be addressed is to define realistic adversary models and to revisit existing solutions in light of these models. Open research issues in the area of privacy preservation that stem from strong adversaries are to be identified as part of the seminar.
  • Quality of Service (QoS) and Denial of Service (DoS) aspects of Routing Security: the challenge is to jointly consider security considerations and QoS aspects, both in theory and practice.