[prev in list] [next in list] [prev in thread] [next in thread]
List: nanog
Subject: Re: "general badness" AS-based reputation system
From: Serranos <serrano.miser () gmail ! com>
Date: 2011-09-28 9:32:56
Message-ID: B6088DD0-2FD0-4D82-A287-985FF7D74BED () gmail ! com
[Download RAW message or body]
On Sep 26, 2011, at 02:23 , Manish Karir wrote:
> We tried to outline some of the challenges of building such a system in our NANOG52 \
> presentation:
> http://www.merit.edu/networkresearch/papers/pdf/2011/NANOG52_reputation-nanog.pdf
>
> In particular see slide 4. where we tried to lay down what we think the \
> requirements are for a socially acceptable reputation system.
>
> With a bit of luck we might be able to announce the release of our system before \
> the next NANOG mtg, but in my opinion collating host reputation reports is just a \
> small and the easiest part of the effort. The key is in solving the challenges of \
> allowing (and incentivizing) participation and being robust to false information \
> injection.
Hi Manish.
As mentioned by Gadi, the maintenance of such tools is not often easy, in particular \
since some datasources may disappear or become obsolete over time. For example, to \
have a global view of the BGP landscape the best service I know is RIS from RIPE, but \
there aren't many alternatives. Although this problem may be reduced through an \
increase of the total number of datasources, it is something to be considered. Also, \
since historical data is considered, the fact that some datasources may disappear \
over time can affect the ranking value.
Most importantly, this type of approach is dependent on the level of commitment the \
network community has, which may be mined by not enough incentives (the problem \
mentioned in slide 3). Namely (as stated before) the problem of certain customers not \
being able to reach critical systems "just" because that ASN was considered evil, is \
a strong incentive *not* to adhere to the system. This is IMHO THE biggest Problem. \
Also, if you are a transit AS do you think this to be a viable approach?
Although I think this philosophy has strong arguments to move forward, it also has \
many challenges that must be dealt with and the biggest ones are not technical (what \
a surprise…).
Thanks for your valuable contribution.
Regards,
S.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic