Comparing the Security Performance of Network-Layer
and Application-Layer Anycast
Link to publication 
Download Bibtex entry
Martin and Avramopoulos, Ioannis
||Department of Computer Science, Princeton University
provide a theoretical analysis of the security performance of two
anycast techniques that could be used as a countermeasure against DNS
attacks exploiting vulnerabilities in the interdomain routing system.
We argue that that the performance of the two techniques – network
and ideal application layer anycast – does not differ in practice.
This is achieved by showing that the performance can only differ if a
family of special subgraphs that we characterize appears in the
interdomain network topology. Our result supports our earlier
experimental findings. While experimentation will remain a crucial
method to accurately evaluate the behavior of complex routing systems
in the future, we hope that analysis such as this one can help to
understand and design routing protocols with better security,
reliability and performance properties.
|Bibtex Type of Publication