About

Routing Resiliency Survey

Introduction

Improving routing security is a key part of ensuring the Internet is a reliable platform for communication around the world. Operational data is an important foundation for monitoring developing trends and making rational decisions to address security issues related to routing. It is also important to measure the effect of routing security tools and technologies once they are deployed. Because the inter-domain routing system is global, such monitoring and measurements should be long-term and be done on a global scale.

However, currently, there is no coordinated approach across network operators to collect or analyze this kind of data, leaving network operators with only incomplete or anecdotal evidence to understand Internet-wide routing security issues.

To address this gap, the Internet Society is inviting network operators to participate in an effort to improve the collection of incident data related to routing resiliency. The effort, undertaken in partnership with the Border Gateway Protocol (BGP) monitoring service BGPmon (http://www.bgpmon.net), also aims to provide a statistically representative picture of these incidents and their impacts, and to provide a basis for risk assessment and global trend analysis. In this context, one important dataset is operational statistics of incidents related to routing security, as registered by a network operator. This survey is aimed at collecting these operational data.

The Survey

Participants are asked to provide two kinds of information:

1. General network information (e.g. number of peers, clients, transit providers, etc.), and

2. Data related to routing security incidents via an automated monitoring effort.

Participating network operators will be provided with data specific to their network, allowing better assessment of risks originated from the global routing system. They will also have the opportunity to access information about broader trends based on analyses of data collected across participating networks.

General network information

At the beginning a participant will be asked to complete a registration process, filling out a web form containing questions related to network type, connectivity, and practices used in mitigating routing security incidents. It should take approximately 15 minutes to fill out the registration form.

All information provided will be kept confidential and used only for statistical purposes when analyzing the state and trends of the global routing system of the Internet. Once such analysis is done, all the participants will get access to the report.

Data related to routing security incidents via an automated monitoring effort.

Alerts related to changes in originating Autonomous System Numbers (ASNs) for the participant prefixes are generated by BGPmon, a partner of the Internet Society in this project. The list of prefixes that are monitored for a given AS is generated from the observed BGP announcements.

Initially the participant is presented with several past possible security incidents (if any of severe incidents were detected over past year). After that, when at least one incident occurs related to participant’s prefixes, a weekly report is generated and made available to only that participant via the survey web portal. An email will be sent as notification that a new overview of events is available.

To validate the information in the overview, a participant will need to log into the portal and provide additional information for every incident listed, such as severity of the incident, resolution, etc. All this information is requested in an easy multiple-choice form, although the opportunity to provide free-text comments will also be available.

Based on historical data, an average weekly report contains 1-2 incidents and it takes no more than 5 minutes to validate it and supply additional information.

Privacy concerns

We understand the sensitivity of some of the data involved in this effort. Therefore, the Internet Society is committed to ensuring participant-specific information remains confidential. All data collected will be stored on Internet Society servers. Any information or analyses shared beyond a specific network will be fully anonymized.

How to participate

If you decide to participate, please send a request for the creation of your account to rrs-admin@isoc.org. In the request please indicate the your AS number. You may also include AS numbers of your customers for which you would like to monitor and classify related security incidents.