Various techniques to protect BGP routing have been proposed. To be deployed, these techniques must be rigorously tested and evaluated. Deter/ Emist routing group is building a routing testbed to create an experimental infrastructure and developing evaluation methods. In this talk, we describe the testbed architecture and share experience gained learned in the testbed setup.

To create realistic BGP dynamics, we inject live Internet BGP routing traffic into the testbed. We have also developed an integrated statistical and visual-based anomaly detection engine to analyze and visualize the BGP dynamics. For the first step, we conduct two BGP attack experiments: an origin AS change attack and a differential damping penalty attack. In the damping attack, we discover the subtle implementation difference between zebra router and Cisco router, which causes the different attack effects.

About the Presenter
Ke Zhang is currently a Ph.D student in the Department of Computer Science at the University of California, Davis. He is a member of the routing group in the Deter/ Emist project. His research interests include inter-domain routing protocols, routing security, and visualization.