Route consistency testing only provides the ability to trigger alarms whenever a node propagates invalid route announcements. We append consistency testing with penalty based route selection, a simple containment strategy that attempts to identify suspicious candidates and avoid routes propagated by them. The strategy works as follows: A router counts across destinations how often an AS appears on an invalid route, and assigns this count as a penalty value for the AS. The more destinations an adversary affects the higher becomes its penalty and the clearer it stands out from the rest. The route selection strategy is to choose the route to a destination with the lowest penalty value.
Consider the topology in Figure 5, where is a malicious node that propagates invalid route announcements with AS paths , , . By choosing the minimum penalty route, the verifier can avoid the invalid routes through since they have a higher penalty value. One key assumption used in this technique is: The identity of an AS propagating invalid routes is always present in the AS path attribute of the routes. The identity of every AS is verified by the neighboring AS which receives the advertisement. For example, Zebra's BGP implementation [2] explicitly checks for this constraint for every announcement it receives. BGP should use shared keys across peering links to avoid man in the middle attacks.
Penalties should primarily be viewed as a reasonable first response to detect suspicious candidates and not as a fool-proof mechanism. In the presence of an isolated adversary, penalty based filtering can ensure that the effects of the adversary are contained. We believe that penalties is a good mechanism to detect malicious adversaries in customer AS's but should be applied with caution when involving AS's in the Internet core. In particular, penalties are not a good security measure in the presence of colluding adversaries or when the number of independent adversaries is large. For example, multiple adversaries can artificially raise the penalty of an innocent AS by including its AS number in the invalid route.