Beyond Technical Solutions: Understanding the Role of Governance Structures in Internet Routing Security

Posted: 31 Mar 2015

See all articles by Brenden Kuerbis

Brenden Kuerbis

Georgia Institute of Technology - School of Public Policy

Milton Mueller

Georgia Institute of Technology

Rio Maulana

Syracuse University - School of Information Studies

Date Written: March 31, 2015

Abstract

Internet routing security incidents often make headlines when they occur (Cowie, 2010, RIPE 2008). But not all networks on the Internet (known technically as Autonomous Systems) experience incidents, and some experience more than others. While efforts to standardize and deploy secure routing technologies continue and commercial services to help mitigate them are now commonplace, a broader empirically-based contextual understanding of these incidents does not exist.

Informed by theories of institutional economics and networked governance (Jones et al, 1997; Mueller et al, 2013), and using existing data from large-scale monitoring projects operated by computer scientists (e.g., Argus, Routeviews, CAIDA), the objective of this research is to shed light on why network operators experience different levels of routing security incidents. Our research method for the entire project uses quantitative measures of routing incidents over time (the dependent variable) and a set of independent variables that reflect variations in the macro, meso and micro level governance structures among Autonomous Systems. This paper, representing an early stage of the research, focuses mainly on the independent variables related to the meso level; i.e., “structural embeddedness” (SE). SE is defined as the degree to which Autonomous Systems are embedded within interconnections of other Autonomous Systems.

Contrary to the expectations established by Pastor-Satorras, R., Vázquez, A., & Vespignani, A. (2001) and our hypothesis that higher levels of SE among Autonomous Systems are negatively correlated with the number of routing incidents, SE has at best a very weak role in explaining the prevalence or absence of incidents. The strongest factors influencing susceptibility to routing incidents appear to be the number of peering and transit relationships an Autonomous System (AS) maintains with other Autonomous Systems, followed by the number of prefix advertisements an AS originates. These findings actually reinforce our ongoing study’s focus upon governance structures, making it more likely that specific operational and organizational practices (e.g., filtering, number of transit relationships) and institutional factors (e.g., legal and contractual relationships) will prove to play a significant role.

Suggested Citation

Kuerbis, Brenden and Mueller, Milton and Maulana, Rio, Beyond Technical Solutions: Understanding the Role of Governance Structures in Internet Routing Security (March 31, 2015). TPRC 43: The 43rd Research Conference on Communication, Information and Internet Policy Paper, Available at SSRN: https://ssrn.com/abstract=2587727

Brenden Kuerbis (Contact Author)

Georgia Institute of Technology - School of Public Policy ( email )

Atlanta, GA 30332-0345
United States

Milton Mueller

Georgia Institute of Technology ( email )

School of Public Policy
Schhol of Cybersecurity and Privacy
Atlanta, GA 30332
United States
404-385-4281 (Phone)

HOME PAGE: http://www.spp.gatech.edu/faculty/milt

Rio Maulana

Syracuse University - School of Information Studies ( email )

Hinds Hall
Syracuse, NY 13244
United States

Do you have negative results from your research you’d like to share?

Paper statistics

Abstract Views
196
PlumX Metrics