We all know that “routing security” incidents happen, but it’s hard to get a grasp on exactly what the situation is. To that end, our colleagues in the Internet Society Standards and Technology team organized a “Routing Resiliency Measurements Workshop” in November 2012 to bring together participants from network operators, research labs, universities and vendors to explore what we can measure now – and what we need to do to start collecting more accurate measurements. The team has now published a report:
and our colleague Andrei Robachevsky has published some observations about the workshop. As Andrei notes, the point of the workshop was to address three main questions:
- What level of attack has there been in the past – to what extent do security incidents happen, but go unnoticed, or get dealt with inside a single network, possibly introducing collateral damage?
- Are the number and impact of service disruptions and malicious activity stable, increasing, or decreasing?
- Can we understand why, and track it collectively?
The report goes into some detail on what was discussed in the workshop and some of the approaches that were outlined. As Andrei relays in his post, the workshop didn’t magically produce answers to all these questions… but it did lay the foundation for where more work needs to occur.
As we open up the new topic area of Routing Resiliency / Security here on Deploy360, we intend to bring you more information from workshops such as these… and ultimately more of the solutions and best operational practices that can lead to a more resilient and secure Internet.