Risk Level as a Service: Enhancing BGP Security through IXP-Based Risk Assessment / Servillo, Stefano; Pio Pompeo, Angelo; Spadaccino, Pietro; Cuomo, Francesca. - (2026). (IFIP Networking 2026, Lugano, Switzerland).
Risk Level as a Service: Enhancing BGP Security through IXP-Based Risk Assessment
Stefano Servillo; Pietro Spadaccino; Francesca Cuomo
2026
Abstract
The Border Gateway Protocol (BGP) is the de-facto standard for inter-domain routing, enabling Autonomous Systems (ASes) to exchange reachability information. BGP's trust-based design makes it vulnerable to configuration errors and malicious activities, disrupting global connectivity between ASes. Internet Exchange Points (IXPs), components of today's Internet enabling efficient interconnection among networks, typically implement countermeasures, enforcing filtering policies based on Internet Routing Registries (IRRs) and the Resource Public Key Infrastructure (RPKI), which protect the IXP's Route Server (RS) and members. However, IXP members may still receive malicious routes through other BGP connections and, without proper filtering, select them as best paths. A possible solution for IXP members is to deploy risk-based monitoring tools, in compliance with the U.S. Roadmap to Enhancing Internet Routing Security. However, implementing such tools individually on each AS poses scalability challenges and adds complexity. In this work, we introduce Risk Level-as-a-Service (RLaaS), a novel security service that IXPs can provide to their members to enhance inter-domain routing resilience. RLaaS dynamically assigns a Risk Level (RL) to ASes by analyzing malicious announcements observed at the RS, potentially indicative of prefix hijacking. The RL value is distributed to IXP members, enabling them to incorporate it into their local routing policies to penalize high-risk ASes. RLaaS is intended to complement the partial deployment of RPKI, offering an additional layer of security. Through a proof-of-concept, we demonstrate that RLaaS can reduce the propagation of malicious announcements and improve the robustness of the inter-domain routing ecosystem.

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.


