The relative success or failure in practice of a range of censorship-circumvention, DDoS defense, and congestion discovery systems depends on BGP poisoning's feasibility or impracticality. Using a purpose-built Internet-scale measurement infrastructure spanning 5 Border Gateway Protocol (BGP) routers, 8 previously unused IP prefixes, 5,000 distinct vantage points, and 3 countries, we capture and analyze 1,460 instances of BGP poisoning across 3% of Autonomous Systems (ASes) on the Internet. We also measure the Internet's response to the underlying routing behaviors necessary for widespread success of BGP poisoning and highlight how these findings impact both existing and future security systems and techniques. Fundamentally, our measurement study addresses the growing division between current and future research that assumes active re-routing of traffic is possible versus work that assumes the opposite.