The “Overwhelming Challenge” of Safeguarding Internet Security and Operation
Three key and inherently vulnerable systems underpin all activities on the Internet: the addressing, routing and domain name systems. Safeguarding their security and operation is essential and the future of the Internet depends on successfully overcoming this “overwhelming challenge,” Kimberly C. Claffy stressed in her keynote presentation at LACNIC 34 LACNOG 2020.
Also known as KC Claffy, the founder and director of CAIDA (Center for Applied Internet Data Analysis) at the University of San Diego (USA) and Internet Hall of Fame inductee stressed the importance of Internet traffic measurements and estimates for meeting the challenge.
KC Claffy understands that solving underlying vulnerabilities requires not only overcoming technical difficulties, but also non-technical barriers and the complexity and costs of a global Internet. These properties are not compatible with the pressures exerted by a competitive ecosystem or, in some cases, by governments that have other incentives to address infrastructure security issues.
“Our suggested approach does not consist of building more or focusing specifically on changes to existing protocols. Instead, our proposed solutions involve understanding current behaviors and using this data to inform practices that can later be enforced,” the expert explained.
Best practices. Claffy commented that great efforts have been made to produce security standards and that these efforts are summarized in a set of best practices (MANRS) which are detailed in the code of conduct. “We help by complying with the code of conduct. What we’ve now found, however, is that those who claimed to be following our code of conduct weren’t actually doing so, and this turned out to be a problem,” KC added.
For this reason, CAIDA conducted a study via measurements to determine whether these best practices were being followed. “We developed a project that would create a cycle of continuous improvement. One-time measurements are important, but in order to characterize abnormal behaviors, detect suspicious behaviors and develop new rules – because rules can also change over time – measurements must be continuous,” she added.
“At the core is the fact that we are trying to change the security landscape by moving from reactive to creative actions, as in the end we need to treat the Internet as social infrastructure.”
Freedom vs censorship. According to Claffy, measuring the Internet may be the only way to monitor attempts to curb our rights and freedoms. “One of the challenges of Internet science is the existence of many false positives. There is a lot of noise on the Internet which is difficult to interpret properly without validating what is actually going on, especially in terms of the right to access to information.”
Real world. Claffy concluded that the road to increased security does not involve proposals for making global changes to Internet protocols, but rather finding operational practices that the different regions can implement to improve their security profiles.
She then proposed a way to develop and evolve these operational practices. “Our approach requires leveraging existing data sources, including the data collected by the RIRs, to support scientifically reproducible data analyses that can identify ongoing security threats, assess proposed mitigations, and track improvements.”
She suggested the possibility of using this knowledge to cultivate an international community based on disciplines that include law and economics to develop and socialize operational practices that can prevent or mitigate vulnerabilities.
To conclude, she noted that this process will create an open knowledge network that will integrate relevant data, software tools and experiences related to these Internet systems, and will relate the data to real world entities, risks and damages.