2019/07/16:Several major Internet outages affected millions of users around the world during the month of June. A massive Google Cloud outage took outservice for most on the U.S. east coast, affecting third-party siteslike Discord, Snap, Vimeo and several of Google's own services.
Cloudflare suffered 2 outages, affecting Amazon, Linode and other
major companies reliant on Cloudflare's infrastructure. Also Facebook,
Twitter and Apple suffered from an outage leading to restricted user
This made evident, that Internet providers need to have better routing
filters. A secure Internet Architecture like SCION could prevent such
Internet-related outages. Its path-aware networking ensures that
packets arrive at the targeted destination, by enabling circumvention
of unavailable areas. Read the full article here.
2019/06/21:A research group at the University of Tennessee under Prof. Max Schuchard has devised a new form of DDoS attack, which they call the Maestro attack.
In their attack, the BGP protocol is exploited to focus botnet attack traffic onto a target link in the Internet, creating congestion on the link. The Maestro attack further strengthens the Crossfire attack, which is highly effective to conduct DDoS on today's Internet.
According to the researchers, although upgrades such as peer locking could help to prevent this specific attack, replacing BGP with an entirely new, next-generation system (e.g., SCION) would be the most effective solution.
2019/06/15:Security continues to be an important topic in today's Internet. With the Border Gateway Protocol (BGP) as its weakest link, many loopholes are exploited for attacks (e.g. prefix hijacking), calling for a secure Internet architecture.
An alternative to BGP is the SCION protocol which has a high level of security and can be verified by network operators, so that attacks can be prevented. Trust can be restored and hijacking completely avoided due to the fact that sender and receiver can define which path a packet takes (path-aware networking). Cryptographic verification of paths is also interesting for the financial sector, as described by an article published by NZZ (in German)
2019/06/07:The SCION secure Internet architecture could have prevented the outage on Thursday last week, when for two hours, a large chunk of European mobile traffic was rerouted through China.
The incident happened, because of a BGP route leak. The Boarder Gateway Protocol (BGP), that is used to reroute traffic at the ISP level, has been known to be problematic and BGP route leaks happen on a daily basis (https://bgpstream.com). This time however, instead of ignoring the erroneous BGP announcement, China Telecom re-announced Safe Host's information, resulting in a rerouting of European mobile networks trough China Telecom's network.
SCION makes the Internet more secure through path-aware networking and preventing BGP route leaks and prefix hijacking attacks. Read the full article here.
2019/04/25:The R&D team of SIDN (the registry for .nl) recently launched 2STiC, a joint research program to develop and experiment with mechanisms to increase the security, stability, and transparency of internet communications. SCION is one of the selected architectures in this project and has been implemented using P4 routers. More information can be found here and here.
2019/01/11:Iranian hackers use DNS hijacking in a targeted attack to grab sensitive data. An article about the attack can be found on Wired.
2018/12/28:Massive Ad Fraud Scheme based on BGP Hijacking allowed attackers to steal more than $29M. SCION would have prevented this attack. More information about the incident can be found
here and here.
2018/10/26:Yet another example on how BGP hijacking is used to redirect traffic for malicious purposes. In this case, China Telecom employs its conveniently distributed points of presence (PoPs) in western democracies’ telecommunications systems to redirect Internet traffic through China. More details can be found here. Oracle confirms these attacks.
2018/10/12:The 4th SCION newsletter is available here, discussing our research opportunities in SCIONLab and recent research conducted by our team.
2018/10/01:Matthias Frei and Francois Wirz joined the SCIONLab team as Software Engineers. Both hold a Master's degree in Computer Science from ETH and will work on improving SCIONLab.
2018/08/14:On the commercial side, Anapaya systems is continuing the ISP and customer deployment of SCION. Several corporations have obtained SCION network connections through these ISPs to the corporate SCION network. The Anapaya team is steadily growing at a recent pace of one person per month, with currently 9 developers.
2018/07/10:The 5th SCION retreat was held in the Swiss mountains. This year the SCION team met guests from academia and industry on top of the "queen of the mountains" (Rigi). We would like to thank our partners for interesting discussions and constructive feedback.
2018/06/21:SCION is now running over GEANT. The SCIONLab team has deployed a SCION node in GEANTs pan-european network, which is one of the most advanced and well-connected research and education networks in the world.
2018/06/04:SCIONLab now supports an automated image builder that allows users to easily fetch customized images for SCION deployment on Raspberry and Odroid devices.
2018/03/05:The SCION Infographic is now available on our website (german). It illustrates the fundamental building blocks of SCION.
2018/03/02:A new amplification attack based on memcached is currently being abused in the wild. The largest attack the amplification factor is 10000 to 51000. This service is meant to cache data and reduce the strain caused by memory intensive services. Memcached servers require no authentication, and thus are vulnerable to reflection attacks using source address spoofing. A memcached driven attack with a bandwidth of 1.3 Tbps has been launched against the software development platform github.com (article).
2018/02/01:Juan Pardo joined the SCION team as a developer. He will mainly be working on improving SCIONLab.
2018/01/20:Swiss National Radio and Television published an article about SCION (german).
2017/12/13:A major BGP routing "incident" routes traffic for big-name sites through Russia. 80 prefixes normally announced by organizations such Google, Apple, Facebook, Microsoft, Twitch, NTT Communications and Riot Games were now detected in the global BGP routing tables with a previously unknown Origin AS of 39523 (DV-LINK-AS), originating in Russia. This incident was one of almost 5000 route leaks and hijacks in the first 11 months of 2017. More information can be found here and here.
2017/11/30:The tutorials on how to set up and run a SCION node on different platforms are available here.
2017/11/14:The SCION team was part of the Swiss Next Generation Internet (NGI) workshop hosted by Euresearch. The goals of the event were to get informed about the Next Generation Internet initiative of the European Commission, to provide thoughts on how a future Internet might look like by 2030, and how to get there.
2017/10/10:The SCION architecture book is available in print (ISBN 978-3-319-67079-9) and online. Additionally, we have published a PDF-version of the book on our publications page.
2017/08/26:BGP leak caused Internet outages in Japan and beyond. Google accidentally leaked a big route table, the result of which was traffic from Japanese ISPs NTT and KDDI was sent to Google on expectation it would be treated as transit. SCION prevents such accidental BGP hijacks.
2017/07/28:Anapaya Systems is our startup to commercialize SCION technology. The Anapaya Systems website is now active.
2017/07/19:The Path Aware Networking Research Group (PANRG), a proposed research group of the IRTF, had the first meeting at the IETF meeting in Prague. Brian Trammell did an excellent job to establish the research group, which received broad support from the community. We also presented SCION as an architecture for path awareness. Here are the meeting notes. The next meeting will be at the IETF in Singapore in November.
2017/06/23:We have published an article about effect mitigation of IoT attacks in future Internet architectures.
2017/06/15:Article by Felix Würsten in ETH Globe "A new foundation". The article is on pages 13 and 14 in the PDF, and on pages 25 and 26 in the print version. PDF in English and in German.
2017/06/13:HIDDEN COBRA is North Koreaâs DDoS Botnet Infrastructure. It has been used by cyber actors of the North Korean government to target the media, aerospace, financial, and critical infrastructure sectors in the United States and globally. SCION would help to ensure communication despite attacks. CERT TA17-164A
2017/06/12:The CrashOverride Malware is an extensible platform that could be used to target critical infrastructure sectors (CERT TA17-163A). Wired Magazine published an interesting article. What is interesting about CrashOverride is that it can operate disconnected from the Internet. Thus, it is important to run a secure routing protocol, even in networks that claim to be secure because they are disconnected from the Internet. The SCION secure routing protocol could help in those cases.
2017/06/09:Today, a 10Gbit Fiber cross-connect was installed between two SCION border routers at CERN, Geneva. This allows native SCION communication between the two SCION ASes located in CERN premises of our collaborating ISPs: Swisscom and SWITCH. Many thanks to these ISPs for supporting SCION.
2017/05/28:The Sonntagszeitung publishes an article on SCION (german).
2017/05/26:A near-final draft of the SCION book is completed.