Jean Camp, "Changing the Economics of the Network"
CERIAS Weekly Security Seminar - Purdue University
English - January 25, 2017 21:30 - 171 MB Video - ★★★★ - 6 ratingsTechnology Education Courses infosec security video seminar cerias purdue information sfs research education Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
BGP enables as a network of networks, and is also a network of
trust. The most clear instantiation of that trust is the updating
of router tables based on unsubstantiated announcements. The
positive result of this trust is that the network can be extremely
responsive to failures, and recover quickly. Yet the very trust
that enables resilience creates risks from behavior lacking either
technical competence or benevolence. Threats to the control plane
have included political interference, misguided network
configurations, and other mischief. Our goal is to look at
solutions that treat BGP as an economic political artifact that
embeds trust, and change the game in BGP defense.
One step is to classify route updates along a continuum of trust,
exploring new algorithms that will give a measure of integrity
assurance to BGP updates. We have explored the application of
machine learning techniques with the variety of data available
(technical, rates of change, economic, and geopolitical) as network
topology is changed via BGP updates in order to generate
probabilistic (not only cryptographic) trust indicators for those
changes. With this understanding, we develop technologies that
embed economic incentives that have immediate value to the adopting
party and also have second order system-wide security
properties.
In this talk I begin with the definition of the problem as
economic, describe empirical work in macro-economics of security,
and close with the description of an example solution called
Bongo.’