Thursday, December 2, 2010

Network Security

We are embarking on our last network research area: network security. I just want to spend a little bit of time talking about some thoughts that I have concerning network security. My first thoughts when thinking about network security are firewalls, IPsec, DNSSEC, packet shapers, filters, etc. These are all important tools that aid in keeping a network safe from attackers and malicious insiders. There is another area of network security that seems to have become its own separate research area (while still quietly remaining a subarea of network security) called internet security. In my opinion, internet security deals primarily with application layer tools like intrusion detection systems, spam filters, and secure communication protocols (HTTPS, S/MIME, PKI, Diffie-Hellman, WS-Trust, etc.). All of the aforementioned system and protocol names and acronyms occur at the application layer. It seems like a lot of effort goes into protecting the application layer, and for good reason, but is there not something more we can do in the lower layers to help protect the network better?

An interesting research topic would be that of augmenting BGP with some claims verification system to prevent malicious networks from hijacking traffic. My idea stems from the incident in China where, due to a BGP misconfiguration, all traffic from the US was routed through China for a brief period of time. It was as simple as China advertising a better route than everyone else. Obviously, routing traffic meant for US networks through China and back to the US is not a better route. But it begs the question: is there not a way to prevent such a claim?
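One shape such a claims check could take, as an added sketch that is not part of the original post: each announcement's origin is compared with a table of who is authorized to originate a prefix, using the valid / invalid / not-found outcomes of BGP prefix origin validation (RFC 6811). The table, the announcements and the function names are constructed for illustration, using documentation prefixes and AS numbers.

```python
import ipaddress

# Constructed authorization records (assumption, not real allocations):
# (covering prefix, longest prefix length allowed, authorized origin AS).
AUTHORIZATIONS = [
    ("192.0.2.0/24", 24, 64500),
    ("2001:db8::/32", 48, 64501),
]

def validate(prefix, origin_as, authorizations=AUTHORIZATIONS):
    """Classify one announcement as 'valid', 'invalid' or 'not-found'."""
    announced = ipaddress.ip_network(prefix)
    covered = False
    for auth_prefix, max_len, auth_as in authorizations:
        auth_net = ipaddress.ip_network(auth_prefix)
        if auth_net.version != announced.version:
            continue  # never compare IPv4 space with IPv6 space
        if not announced.subnet_of(auth_net):
            continue  # this record says nothing about the announced space
        covered = True  # someone holds a claim over this address space
        # The claim holds only if the origin matches AND the announcement
        # is no more specific than the holder allowed.
        if auth_as == origin_as and announced.prefixlen <= max_len:
            return "valid"
    # Covered by a record but matching none: the claim is contradicted.
    return "invalid" if covered else "not-found"

def accept(announcements, authorizations=AUTHORIZATIONS):
    """Drop announcements that contradict an authorization; keep the rest."""
    return [a for a in announcements
            if validate(a[0], a[1], authorizations) != "invalid"]

# Constructed sample announcements: (prefix, origin AS).
SAMPLE = [
    ("192.0.2.0/24", 64500),     # rightful origin
    ("192.0.2.0/24", 64510),     # same prefix, unauthorized origin
    ("192.0.2.128/25", 64510),   # more-specific route from another origin
    ("192.0.2.128/25", 64500),   # right origin, longer than allowed
    ("2001:db8:1::/48", 64501),  # allowed more-specific, IPv6
    ("198.51.100.0/24", 64510),  # no record covers it at all
]

if __name__ == "__main__":
    for prefix, asn in SAMPLE:
        print(f"{prefix:<18} AS{asn}  {validate(prefix, asn)}")
```

A check like this only verifies who originates a prefix; it says nothing about whether the rest of the advertised path is genuine.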

