Telco Providers Security Challenges – Part 1

BGP Hijacking (sometimes referred to as IP hijacking, prefix hijacking or route hijacking)

Routing between Autonomous Systems (AS) is achieved using the Border Gateway Protocol (BGP), which allows ASes to advertise to others the addresses of their network and receive the routes to reach the other Ases. Each AS implicitly trusts the peer ASes it exchanges routing information with.

BGP hijacking is an attack against the routing protocol that consists in taking control in blocks of IP addresses owned by a given organization without their authorization. This enables the attacker to perform other malicious activities (e.g., spamming, phishing, malware hosting) using hijacked IP addresses belonging to somebody else.

Some articles have recently reported on the emerging phenomenon where spammers hijack unused networks and use them to send spam from clean, non-blacklisted IP addresses. This phenomenon has been referred to as fly-by spammers.

Information-Centric Networking: Current State and Key Challenges

  • The Internet plays a central role in our society
  • Work and business, education, entertainment, social life, etc
  • The vast majority of interactions relate to content access

–P2P overlays (e.g. BitTorrent, eMule, live streaming)
–Media aggregators (e.g. YouTube, GoogleVideo)
–Over-the-top video (e.g. Hulu, iPlayer)
–Content Delivery Networks (e.g. Akamai, Limelight)
–Social Networks (e.g. Facebook, MySpace)
–Photo sharing sites (e.g. Picasa, Flickr)

  • New approaches are required to cater for the explosion of video-based content and for creating novel use experiences

Future Internet Requirements

  • Better mobility support
    • Impact on addressing
  • More flexible and reliable routing
    • Multi-path as opposed to current single path
  • Better service-aware resource control
    • Service-aware mapping of traffic to resources => better QoE
  • Better security and spam protection
    • Possibly other paradigms of identity/presence, e.g. default-off

ICN can deal with:

–Mobility – content/user ID not bound to location

–Multi-path routing – any cast through in-network caching

–Content-aware resource mapping – using metadata

–Security – integrated with the content

–Spam protection – receiver-driven model 

Thanks and watch out of Part 2