How secure are secure interdomain routing protocols?

In response to high-profile Internet outages, BGP security variants have been proposed to prevent the propagation of bogus routing information. The objective of this paper is to inform discussions of which variant should be deployed in the Internet. To do this, we quantify the ability of the key protocols (origin authentication, soBGP, S-BGP, and data-plane verification) to limit the impact of traffic-attraction attacks; i.e., when an attacker deliberately draws traffic to its own network, in order to drop, tamper, or eavesdrop on packets. Our results and contributions are as follows: