How to Take Back Your Address Space
Preventing adversaries from hijacking address space is important, but network operators are reluctant to deploy secure routing protocols. In this paper, we present Clout, a system that like secure routing protocols prevents prefix hijacking but, in contrast to these protocols, is easily deployable. Clout is deployable by unilateral action from a single party, or multilateral action from a moderate number of independent parties, without requiring changes to BGP or the data plane. In Clout, a collection of networks jointly defends a prefix by simultaneously announcing it in BGP, essentially hijacking the hijacker. Clout relies on the premise that the adversary can be outnumbered, a requirement attainable in practice. Deployment scenarios of Clout are also presented for emergency response and as a long-standing commercial service.