The “Overwhelming Challenge” of Safeguarding Internet Security and Operation
October 7, 2020
Three key and inherently vulnerable systems underpin all activities on the Internet: the addressing, routing and domain name systems. Safeguarding their security and operation is essential and the future of the Internet depends on successfully overcoming this “overwhelming challenge,” Kimberly C. Claffy stressed in her keynote presentation at LACNIC 34 LACNOG 2020.
Also known as KC Claffy, the founder and director of CAIDA (Center for Applied Internet Data Analysis) at the University of San Diego (USA) and Internet Hall of Fame inductee stressed the importance of Internet traffic measurements and estimates for meeting the challenge.
KC Claffy understands that solving underlying vulnerabilities requires not only overcoming technical difficulties, but also non-technical barriers and the complexity and costs of a global Internet. These properties are not compatible with the pressures exerted by a competitive ecosystem or, in some cases, by governments that have other incentives to address infrastructure security issues.
“Our suggested approach does not consist of building more or focusing specifically on changes to existing protocols. Instead, our proposed solutions involve understanding current behaviors and using this data to inform practices that can later be enforced,” the expert explained.
(Free access, no subscription required)
Best practices. Claffy commented that great efforts have been made to produce security standards and that these efforts are summarized in a set of best practices (MANRS) which are detailed in the code of conduct. “We help by complying with the code of conduct. What we’ve now found, however, is that those who claimed to be following our code of conduct weren’t actually doing so, and this turned out to be a problem,” KC added.
For this reason, CAIDA conducted a study via measurements to determine whether these best practices were being followed. “We developed a project that would create a cycle of continuous improvement. One-time measurements are important, but in order to characterize abnormal behaviors, detect suspicious behaviors and develop new rules – because rules can also change over time – measurements must be continuous,” she added.
“At the core is the fact that we are trying to change the security landscape by moving from reactive to creative actions, as in the end we need to treat the Internet as social infrastructure.”