nanog mailing list archives

Re: "general badness" AS-based reputation system

From: Serranos <serrano.miser () gmail com>
Date: Wed, 28 Sep 2011 10:32:56 +0100

On Sep 26, 2011, at 02:23 , Manish Karir wrote:

We tried to outline some of the challenges of building such a system in our NANOG52 presentation:

http://www.merit.edu/networkresearch/papers/pdf/2011/NANOG52_reputation-nanog.pdf

In particular see slide 4. where we tried to lay down what we think the requirements are for a socially acceptable
reputation system.  

With a bit of luck we might be able to announce the release of our system before the next NANOG mtg, but in 
my opinion collating host reputation reports is just a small and the easiest part of the effort.  The key is in 
solving the challenges of allowing (and incentivizing) participation and being robust to false information
injection.


Hi Manish.

As mentioned by Gadi, the maintenance of such tools is not often easy, in particular since some datasources may 
disappear or become obsolete over time. For example, to have a global view of the BGP landscape the best service I know 
is RIS from RIPE, but there aren't many alternatives. Although this problem may be reduced through an increase of the 
total number of datasources, it is something to be considered. Also, since historical data is considered, the fact that 
some datasources may disappear over time can affect the ranking value.

Most importantly, this type of approach is dependent on the level of commitment the network community has, which may be 
mined by not enough incentives (the problem mentioned in slide 3). Namely (as stated before) the problem of certain 
customers not being able to reach critical systems "just" because that ASN was considered evil, is a strong incentive 
*not* to adhere to the system. This is IMHO THE biggest Problem. Also, if you are a transit AS do you think this to be 
a viable approach?

Although I think this philosophy has strong arguments to move forward, it also has many challenges that must be dealt 
with and the biggest ones are not technical (what a surprise…).

Thanks for your valuable contribution.

Regards,
S.

Current thread:

"general badness" AS-based reputation system Gadi Evron (Sep 25)
- Re: "general badness" AS-based reputation system Jimmy Hess (Sep 25)
  - Re: "general badness" AS-based reputation system Gadi Evron (Sep 26)
- <Possible follow-ups>
- Re: "general badness" AS-based reputation system Manish Karir (Sep 25)
  - Re: "general badness" AS-based reputation system Tom Vest (Sep 25)
    - Re: "general badness" AS-based reputation system Manish Karir (Sep 25)
    - Re: "general badness" AS-based reputation system Suresh Ramasubramanian (Sep 25)
    - Re: "general badness" AS-based reputation system Tom Vest (Sep 26)
  - Re: "general badness" AS-based reputation system Gadi Evron (Sep 26)
  - Re: "general badness" AS-based reputation system Serranos (Sep 28)