2021/02/10:SCION packets are proven to follow only authorized paths, so no Frankenpaths are possible. Congratulations to Tobias Klenze, Christoph Sprenger and David Basin for their amazing paper that will appear at CSF 2021.
2021/01/25:With SCIONs mechanisms for in-network source authentication and built-in defenses against reflector attacks, such exploits would be a story of the past (dark ages of the Internet): New article available here.
2020/11/26:The new SCION newsletter is available here, discussing the necessity of multi-path routing for a reliable Internet.
2020/11/20: Early research result: global SCION deployment could save 1
GW of electric power. This corresponds to 1/7th of electricity usage
for all of Switzerland!
2020/11/16:Grid'5000, the French high-performance computing (HPC) testbed for
experimental research, has been connected to the SCIONLab network. The
connection was established in scope of Fed4FIRE+, a federation of Next
Generation Internet (NGI) testbeds, and is based on two BGP-free links
to the GEANT Testbed Service (GTS). Thanks to the rapid failover and
multipath capability in SCION, experiments running across multiple
testbeds will benefit from higher availability and higher throughput.
2020/11/13:Adrian Perrig gave the keynote at the IEEE ICNP 2020 conference.
2020/10/28:Congratulations to the SCIONLab team for winning the best paper award at ICNP 2020! Their hard work over the past years has paid off. Read the paper here.
2020/10/26:How can network stability be guaranteed in a path-aware Internet? We show how to incentivize selfish end-points to select their communication paths in a way that does not lead to load oscillation. Read the paper
2020/10/23:If end-hosts can select their own communication path through a network
(as they can in SCION), the resulting outcome can be expected to be
nearly optimal - even if the end-hosts have only limited congestion
Information. Read the paper
2020/10/19:Delegation and revocation are intertwined issues and major challenges in the web PKI. We analyzed and compared 19 schemes in a SoK paper (recently presented at EuroS&P) to try and shed light on this vast research area.
2020/10/08:At the AsiaCCS 2020 Conference, Prof. Adrian Perrig gave a keynote talk
about global communication guarantees in the presence of adversaries.
Look at the presentation and the video and find out how SCION can guarantee global communication.
2020/10/05:In a recent publication at the USENIX Security Symposium, we posed the question: Can packet forwarding in the Internet be highly efficient and secure at the same time? Have a look at our paper to get the answer!
2020/10/01:Byzantine fault-tolerant protocols are very difficult to verify — but it is time we can trust the protocols we use! Logres shows that this is possible with a provably secure design that can handle real-world use cases.
2020/09/25:Together with partners in the 2STiC programme, SIDN Labs look at emerging internet infrastructures and published a blog blog in which they give an introduction to SCION.
2020/09/18:The news magazine "DFN Mitteilungen" includes an article, about our
SCIONLab testbed. DFN is the German National Research and Education
Network, which is now providing a core AS in SCIONLab on top of their
DFN-GVS (General-Virtualization-Service) infrastructure. The DFN-GVS
platform enables its users to establish native SCION links with the
global SCIONLab network.
2020/06/19:The new SCION newsletter is available here, giving an overview of our research achievements, deployments and insights into use cases.
2020/06/04:Security mechanisms for BGP like RPKI and BGPsec have recently gained traction on the Internet and sparked the hope of resolving many of its security issues in the near future. In this article, we discuss why this hope may be premature and argue that a more fundamental redesign of the Internet's architecture is required.
2020/05/28:Huawei’s proposed ‘New IP’ has spurred intensive discussions. Check out our analysis in this article where we put the proposal in relations to SCION and read why blindly bashing it could be premature.
2020/04/30:SIDN Labs is now fully connected to the global SCIONLab testbed, through BGP-free connections by SURF and GEANT. SIDN is the organization that is governing the .nl domain name space, and SIDN Labs is exploring future Internet technologies as part of the 2sTiC program.
2020/03/16:The new SCION newsletter is available here, giving an overview of our research achievements and latest events.
2020/02/03:Kamila Součková and Mateusz Kowalski gave a talk about SCION at the FOSDEM conference. Read here to learn how SCION improves security, availability and performance of the current Internet and how you can start using it today. Slides and video of the talk can be found here.
2020/01/20:New LEO satellite networks promise to revolutionize ultra-low-bandwidth communication. In a new paper we find that a path-aware network architecture is needed to obtain optimal performance.
2020/01/17:Adrian Perrig will give a keynote presentation at SWITCH NetSec WG 2020: “New directions for high-throughput and high-security academic research communication”
Link to slides here
2020/01/06:SIDN published their main accomplishments in 2019 and mentioned SCION as one of their major pieces to investigate in future internet infrastructures. Read full
2019/12/05:The Swiss National Bank (SNB) investigates how to make digital payment
transfers more secure. Currently, they are evaluating the SCION secure
Internet architecture to reduce the risk of cyber-attacks. Read full
article (in German) here.
2019/10/31:The SCION day on November 6th is coming closer and we are pleased to share the detailed agenda with you.
2019/10/10:SCION got mentioned by the RADAR's issue about cyber security as one of the key pillars for a sustainable cyber security strategy (p.67). According to the article, SCION revolutionises the way that packets are sent through the internet due to path-aware networking. Read here.
2019/10/04:Join us at the VIScon on Saturday 12th October and experience SCION in our workshop. We have created the “heir to the throne” game: Find the best path to the destinations; go around undesired ones. Win the competition by coding the best algorithm. Read more here.
VIScon is a conference for technology enthusiasts, scientists and engineers, organized by the association of computer science students at ETH Zurich. It will feature a variety of industry and academic talks, workshops, exhibitions, and coding. Registration and more info can be found here.
2019/09/27:SIDN Labs is currently experimenting with SCION and provides in the latest blog a brief update and looks ahead at the SCION-related work they have in the pipeline.
SIDN Labs has connected its network to SCIONLab, the international testbed that interconnects around thirty sites. This means they are not using the current Internet (in particular BGP and the corresponding IP routing) but the native SCION routing. To evaluate how SCION performs in practice, they are implementing the SCION protocol in P4.
SCION is part of the 2STiC research programme that experiments with emerging internet architectures in collaboration with NLnet Labs. Read here.
2019/09/19:We are excitedly looking forward to the SCION Day on November 6 at ETH Zürich. We have several highlights for the day, and we will focus on use cases and recent research / deployment results. Please join us for this exciting day to celebrate our joint accomplishments, and to help us set accents for our next directions. The program overview is available here.
Please register here.
2019/07/16:Several major Internet outages affected millions of users around the world during the month of June. A massive Google Cloud outage took outservice for most on the U.S. east coast, affecting third-party siteslike Discord, Snap, Vimeo and several of Google's own services.
Cloudflare suffered 2 outages, affecting Amazon, Linode and other
major companies reliant on Cloudflare's infrastructure. Also Facebook,
Twitter and Apple suffered from an outage leading to restricted user
This made evident, that Internet providers need to have better routing
filters. A secure Internet Architecture like SCION could prevent such
Internet-related outages. Its path-aware networking ensures that
packets arrive at the targeted destination, by enabling circumvention
of unavailable areas. Read the full article here.
2019/06/21:A research group at the University of Tennessee under Prof. Max Schuchard has devised a new form of DDoS attack, which they call the Maestro attack.
In their attack, the BGP protocol is exploited to focus botnet attack traffic onto a target link in the Internet, creating congestion on the link. The Maestro attack further strengthens the Crossfire attack, which is highly effective to conduct DDoS on today's Internet.
According to the researchers, although upgrades such as peer locking could help to prevent this specific attack, replacing BGP with an entirely new, next-generation system (e.g., SCION) would be the most effective solution.
2019/06/15:Security continues to be an important topic in today's Internet. With the Border Gateway Protocol (BGP) as its weakest link, many loopholes are exploited for attacks (e.g. prefix hijacking), calling for a secure Internet architecture.
An alternative to BGP is the SCION protocol which has a high level of security and can be verified by network operators, so that attacks can be prevented. Trust can be restored and hijacking completely avoided due to the fact that sender and receiver can define which path a packet takes (path-aware networking). Cryptographic verification of paths is also interesting for the financial sector, as described by an article published by NZZ (in German)
2019/06/07:The SCION secure Internet architecture could have prevented the outage on Thursday last week, when for two hours, a large chunk of European mobile traffic was rerouted through China.
The incident happened, because of a BGP route leak. The Boarder Gateway Protocol (BGP), that is used to reroute traffic at the ISP level, has been known to be problematic and BGP route leaks happen on a daily basis (https://bgpstream.com). This time however, instead of ignoring the erroneous BGP announcement, China Telecom re-announced Safe Host's information, resulting in a rerouting of European mobile networks trough China Telecom's network.
SCION makes the Internet more secure through path-aware networking and preventing BGP route leaks and prefix hijacking attacks. Read the full article here.
2019/04/25:The R&D team of SIDN (the registry for .nl) recently launched 2STiC, a joint research program to develop and experiment with mechanisms to increase the security, stability, and transparency of internet communications. SCION is one of the selected architectures in this project and has been implemented using P4 routers. More information can be found here and here.
2019/01/11:Iranian hackers use DNS hijacking in a targeted attack to grab sensitive data. An article about the attack can be found on Wired.
2018/12/28:Massive Ad Fraud Scheme based on BGP Hijacking allowed attackers to steal more than $29M. SCION would have prevented this attack. More information about the incident can be found
here and here.
2018/10/26:Yet another example on how BGP hijacking is used to redirect traffic for malicious purposes. In this case, China Telecom employs its conveniently distributed points of presence (PoPs) in western democracies’ telecommunications systems to redirect Internet traffic through China. More details can be found here. Oracle confirms these attacks.
2018/10/12:The 4th SCION newsletter is available here, discussing our research opportunities in SCIONLab and recent research conducted by our team.
2018/10/01:Matthias Frei and Francois Wirz joined the SCIONLab team as Software Engineers. Both hold a Master's degree in Computer Science from ETH and will work on improving SCIONLab.
2018/08/14:On the commercial side, Anapaya systems is continuing the ISP and customer deployment of SCION. Several corporations have obtained SCION network connections through these ISPs to the corporate SCION network. The Anapaya team is steadily growing at a recent pace of one person per month, with currently 9 developers.
2018/07/10:The 5th SCION retreat was held in the Swiss mountains. This year the SCION team met guests from academia and industry on top of the "queen of the mountains" (Rigi). We would like to thank our partners for interesting discussions and constructive feedback.
2018/06/21:SCION is now running over GEANT. The SCIONLab team has deployed a SCION node in GEANTs pan-european network, which is one of the most advanced and well-connected research and education networks in the world.
2018/06/04:SCIONLab now supports an automated image builder that allows users to easily fetch customized images for SCION deployment on Raspberry and Odroid devices.
2018/03/05:The SCION Infographic is now available on our website (german). It illustrates the fundamental building blocks of SCION.
2018/03/02:A new amplification attack based on memcached is currently being abused in the wild. The largest attack the amplification factor is 10000 to 51000. This service is meant to cache data and reduce the strain caused by memory intensive services. Memcached servers require no authentication, and thus are vulnerable to reflection attacks using source address spoofing. A memcached driven attack with a bandwidth of 1.3 Tbps has been launched against the software development platform github.com (article).
2018/02/01:Juan Pardo joined the SCION team as a developer. He will mainly be working on improving SCIONLab.
2018/01/20:Swiss National Radio and Television published an article about SCION (german).
2017/12/13:A major BGP routing "incident" routes traffic for big-name sites through Russia. 80 prefixes normally announced by organizations such Google, Apple, Facebook, Microsoft, Twitch, NTT Communications and Riot Games were now detected in the global BGP routing tables with a previously unknown Origin AS of 39523 (DV-LINK-AS), originating in Russia. This incident was one of almost 5000 route leaks and hijacks in the first 11 months of 2017. More information can be found here and here.
2017/11/30:The tutorials on how to set up and run a SCION node on different platforms are available here.
2017/11/14:The SCION team was part of the Swiss Next Generation Internet (NGI) workshop hosted by Euresearch. The goals of the event were to get informed about the Next Generation Internet initiative of the European Commission, to provide thoughts on how a future Internet might look like by 2030, and how to get there.
2017/10/10:The SCION architecture book is available in print (ISBN 978-3-319-67079-9) and online. Additionally, we have published a PDF-version of the book on our publications page.
2017/08/26:BGP leak caused Internet outages in Japan and beyond. Google accidentally leaked a big route table, the result of which was traffic from Japanese ISPs NTT and KDDI was sent to Google on expectation it would be treated as transit. SCION prevents such accidental BGP hijacks.
2017/07/28:Anapaya Systems is our startup to commercialize SCION technology. The Anapaya Systems website is now active.
2017/07/19:The Path Aware Networking Research Group (PANRG), a proposed research group of the IRTF, had the first meeting at the IETF meeting in Prague. Brian Trammell did an excellent job to establish the research group, which received broad support from the community. We also presented SCION as an architecture for path awareness. Here are the meeting notes. The next meeting will be at the IETF in Singapore in November.
2017/06/23:We have published an article about effect mitigation of IoT attacks in future Internet architectures.
2017/06/15:Article by Felix Würsten in ETH Globe "A new foundation". The article is on pages 13 and 14 in the PDF, and on pages 25 and 26 in the print version. PDF in English and in German.
2017/06/13:HIDDEN COBRA is North Koreaâs DDoS Botnet Infrastructure. It has been used by cyber actors of the North Korean government to target the media, aerospace, financial, and critical infrastructure sectors in the United States and globally. SCION would help to ensure communication despite attacks. CERT TA17-164A
2017/06/12:The CrashOverride Malware is an extensible platform that could be used to target critical infrastructure sectors (CERT TA17-163A). Wired Magazine published an interesting article. What is interesting about CrashOverride is that it can operate disconnected from the Internet. Thus, it is important to run a secure routing protocol, even in networks that claim to be secure because they are disconnected from the Internet. The SCION secure routing protocol could help in those cases.
2017/06/09:Today, a 10Gbit Fiber cross-connect was installed between two SCION border routers at CERN, Geneva. This allows native SCION communication between the two SCION ASes located in CERN premises of our collaborating ISPs: Swisscom and SWITCH. Many thanks to these ISPs for supporting SCION.
2017/05/28:The Sonntagszeitung publishes an article on SCION (german).
2017/05/26:A near-final draft of the SCION book is completed.