Bootstrapping Accountability in the Internet We Have
The lack of accountability makes the Internet vulnerable to numerous attacks, including prefix hijacking, route forgery, source address spoofing, and DoS flooding attacks. This paper takes a "Dirty-slate" approach to bring accountability to the present Internet with low-cost and deployable enhancements. The authors' design, IPA, uses the readily available top-level DNSSEC infrastructure and BGP to bootstrap accountability. They integrate it with a suite of security building blocks to combat various network-layer attacks. Their evaluation shows that IPA introduces modest overhead, is gradually deployable, and offers incentives for early adoption.