NIST logo
*
Bookmark and Share

Recent Publications
NIST/ITL BGP Security & Routing Robustness Project 

 

Routing Security (general):

D.R. Kuhn, K. Sriram, and D. Montgomery, "Border Gateway Protocol Security, " NIST Special Publication 800-54 (BCP document for the Telecom Industry and US Government agencies), July 2007.

K. Sriram, O. Borchert, O. Kim, and P. Gleichmann, and D. Montgomery, "A Comparative Analysis of BGP Anomaly Detection and Robustness Algorithms,"Proceedings of the Cybersecurity Applications and Technology Conference for Homeland Security (CATCH), Washington D.C., March 3-4, 2009, pp. 25-38. Presentation slides: http://www.cyber.st.dhs.gov/public/CATCH/Sriram.pdf

K. Sriram, D. Montgomery, O. Borchert, O. Kim, and D.R. Kuhn, "Study of BGP Peering Session Attacks and Their Impacts on Routing Performance," IEEE Journal on Selected Areas in Communications: Special issue on High-Speed Network Security, Vol. 24, No. 10, October 2006, pp. 1901-1915.

K.Sriram, D. Montgomery, O. Borchert, O. Kim, and R. Kuhn., "Border Gateway Protocol (BGP): Investigation of Vulnerabilities and Simulation Studies of Attack Impacts", Presentation slides of seminar given at various universities and R&D labs, 2006-2007.

K. Sriram, O. Borchert, O. Kim, P. Gleichmann, and D. Montgomery, "Routing Data Quality and Its Impact on BGP Anomaly Detection Algorithms," Invited presentation given at the ISOC Routing Resiliency Measurements Workshop, Atlanta, November 2012. 

 

BGPSEC/RPKI Specific:

M. Lepinski (Ed.), K. Sriram, D. Montgomery, et al., "BGPSEC Protocol Specification," IETF draft-ietf-sidr-bgpsec-protocol, October 2014.

K. Sriram, D. Montgomery, and R. Bush, "RIB Size and CPU Workload Estimation for BGPSEC,"  Presentation at the IETF-91 Joint IDR/SIDR WG Meeting, November 2014.

K. Sriram, D. Montgomery, D. McPherson, and E. Osterweil,  "Problem Definition and Classification of BGP Route Leaks" IETF draft-sriram-route-leak-problem-definition-00, October 2014.

K. Sriram and D. Montgomery, "Methods for Detection and Mitigation of BGP Route Leaks," IETF draft-sriram-route-leak-detection-mitigation-00, October 2014.

K. Sriram and D. Montgomery, "Enhancement to BGPSEC for Detection/Mitigation against Route Leaks," Presentation at the IETF-90, GROW WG Meeting, July 2014.

O. Borchert, S. Spies, K. Lee, D. Montgomery, K. Sriram, and O. Kim, "NIST BGP-SRx (BGPSecure Router eXtension) and BRITE (BGPSEC/RPKI Interoperability Test andExperimentation)," Presented at NANOG 53, Philadelphia, October 2011.

O. Borchert, D. Montgomery, K. Lee, O. Kim, and K. Sriram, "BGP Secure Routing Extension (BGP-SRx)" - NIST Prototype Implementation of RPKI-based BGP Origin Validation.

O. Kim, O. Borchert, K. Sriram, and D. Montgomery, "RPKI Deployment Monitor" - NIST's monitor for the global RPKI deployment and its potential influence on prefix-origin validation in the Internet.

O. Borchert, D. Montgomery, O. Kim, and K. Sriram, "BRITE - BGPSEC / RPKI Interoperability Test & Evaluation" - NIST's web-based test and evaluation framework for exercising implementations of RPKI-based security extensions.

S. Kent and K. Sriram, "RPKI Rsync Download Delay Modeling," Presented at the IETF-86, SIDR WG Meeting, March 2013.

K. Sriram, "Comparison of Replay-Attach Protection Mechanisms for BGPSEC," presentation slides, September 2012.

O. Borchert, S. Spies, K. Lee, D. Montgomery, K. Sriram, and O. Kim, "NIST BGP-SRx (BGP Secure Router eXtension) and BRITE (BGPSEC/RPKI Interoperability Test and Experimentation)," Presented at NANOG 53, Philadelphia, October 2011.

W. Kumari and K. Sriram, “Recommendation for Not Using AS_SET and AS_CONFED_SET in BGP,” IETF RFC 6472 & BCP 172, December 2011.

K. Sriram (Ed.), "BGPSEC Design Choices and Summary of Supporting Discussions," IETF draft-sriram-bgpsec-design-choices, July 2011.

T. Manderson, K. Sriram, and R. White, “Use cases and interpretation of RPKI objects for issuers and relying parties,” IETF SIDR WG Internet Draft, January 2012. 

K. Sriram and Randy Bush,  "Estimating CPU Cost of BGPSEC on a Router," IETF-83, SIDR WG Meeting, March 2012. Also, presented at the RIPE 63, October 2011.

K. Sriram, O. Borchert, O. Kim, D. Cooper, and D. Montgomery, "RIB Size Estimation for BGPSEC," Presented at the IETF-81, SIDR WG Meeting, July 2011.

K. Sriram, “Realistic Model of the Load Due to BGPSEC Beacons,” Presented at IETF SIDR WG Interim meeting, San Diego, February 9, 2012.

O. Kim, K. Sriram, O. Borchert, and D. Montgomery, "Characterization of the Size and Shape of Static RPKI," NIST presentation (draft), December 2010. 

O. Kim, K. Sriram, O. Borchert, P. Gleichmann, and D. Montgomery, "An Analysis of ARIN NetHandles with OriginAS Data and Analysis of RIR/IRR Registry Data", Presented at ARIN XXIII, San Antonio, TX, April 26-29, 2009.
 
K. Sriram O. Borchert, O. Kim, P. Gleichmann, and D. Montgomery, “Measurement Data on AS_SET and AGGREGATOR {Prefix, Origin} Validation Algorithm,” Presented at the IETF-78, SIDR WG Meeting, July 2010.

O. Borchet, O. Kim, K. Sriram, and D. Montgomery, “TERRAIN: Testing and Evaluation of Routing Robustness in Assurable Inter-domain Networking,” Poster presentation at the Cybersecurity Applications and Technology Conference for Homeland Security (CATCH), Washington D.C., March 3-4, 2009.

 

Internet Routing Scalability:

K. Sriram (Contributor), Section 13, IETF RFC 6115 (Editor: Tony Li), "Recommendation for a Routing Architecture," February 2011.Section 13 deals with "Enhanced Efficiency of Mapping Distribution Protocols." (NIST contribution)

K. Sriram, P. Gleichmann, Y.T. Kim, and D. Montgomery, "Enhanced Efficiency of Mapping Distribution Protocols in Scalable Routing and Addressing Architectures," Proceedings of the IEEE ICCCN 2010, Zurich, August 2010. Presentation slides (presentation in the LISP WG meeting at the 78th IETF, July 2010)