Hello!
My name is Bogdan Mihai, I'm 21 yr old from Romania. I recently invented
something a little more abstract for BGP security, and I'm almost sure that
there is nothing similar. I wasn't inspired by anything when I created this, it
was a purely random idea that came to my mind. I'm not even an expert in this
field, but from the beginning I saw security from a different angle than the
others.
I made a tool that basically builds a map of risk areas globally, areas where
if someone were to try a hijacking attack, that attack would be successful.
This idea came to me when I realized that BGP security is still a big problem.
RPKI adoption is still slow.
And the problem is that today's security in BGP is more reactive, it comes into
play only after the attack is detected and damage is done.
So I leave you here the link to the zenodo site where I posted my invention.
https://zenodo.org/records/18421580
What I ask of you, and extremely important, is not to analyze every file there,
but at least the product overview to understand the idea and tell me who this
would be useful to, which company or organization.
I know that maybe not everything is perfect there, I'm no expert, but I want to
know if this idea really has value.
Someone said this (You will probably have the same question): "I have to admit
that I haven't read all the files, but from the summary, my first question was
"how can anyone benefit from this information?" You wouldn't block traffic from
a particular AS just for its safety, just like you wouldn't stop driving just
because there are bad drivers around. It seems to me that this could be a
research topic to raise awareness of the problems and that's it."
And I answered: "Correct — this system is not intended to directly block ASNs.
It is a risk intelligence tool, showing where there is real potential for abuse
and impact. Think of it as:
- city crime maps
- seismic risk maps
- financial fraud maps
No one is "blocking the city" or seismic zones, but everyone uses these maps
for preventive decisions and prioritization. In the same way, our tool helps
operators and security teams decide where to apply controls, strict ROV or
additional monitoring, before an incident occurs."
I'm very confused and sad because I worked on this but I don't know who it
would be of value to or if it even has any value. I appreciate every opinion.
-----
To unsubscribe from this mailing list or change your subscription options,
please visit: https://mailman.ripe.net/mailman3/lists/routing-wg.ripe.net/
As we have migrated to Mailman 3, you will need to create an account with the
email matching your subscription before you can change your settings.
More details at: https://www.ripe.net/membership/mail/mailman-3-migration/
