Check out the new USENIX Web site. next up previous
Next: Dealing with Adversaries Up: Related Work Previous: Related Work

Misconfigurations

Traditional approaches to detecting misconfigurations involves correlating route advertisements in the control plane from several vantage points [25,34]. While these works identify two forms of misconfigurations (origin and export misconfigurations), a fundamental limitation with analyzing BGP streams: the lack of knowledge of the Internet topology. Since the topology is not known, these techniques can pinpoint invalid routes only when the destination AS is wrongly specified but not when the path is modified.

Mao et al. [26] build an AS-traceroute tool to detect the AS path in the data plane which can be used for data-plane verification. While this tool can detect several forms of invalid routes in the data plane, it is useful for diagnostic purposes only once a problem is detected. Padmanabhan et al. [29] propose a secure variant of traceroute to test the correctness of a route. However, this mechanism requires a prior distribution of cryptographic keys to the participating AS's to ascertain the integrity and authenticity of traceroute packets. In the context of feedback based routing, Zhu et al. [35] proposed a data plane technique based on passive and active probing. The passive probing aspect of this work shares some similarities to our Listen method.


next up previous
Next: Dealing with Adversaries Up: Related Work Previous: Related Work
116 2004-02-12